11 matches found
CVE-2025-12945
The CVE-2025-12945 entry concerns NETGEAR Nighthawk R7000P routers with versions up to 1.3.3.154. The vulnerability is an OS command injection caused by improper input validation when accessed by an authenticated administrator. Impact is limited to the affected device where an admin could inject ...
CVE-2025-12945 Improper input validation in NETGEAR Nighthawk router R7000P
A vulnerability in NETGEAR Nighthawk R7000P routers lets an authenticated admin execute OS command injections due to improper input validation. This issue affects R7000P: through 1.3.3.154...
The vulnerability in the usb_device.cgi script of NETGEAR’s router microprogramming software allows a hacker to induce a service failure.
The vulnerability in the usbdevice.cgi script of NETGEAR’s R8500 and R7000P router microprogramming systems lies in a buffer overflow that occurs during the processing of the cifsuser, readaccess, and writeaccess parameters. Exploiting this vulnerability allows an attacker to trigger a...
CVE-2024-52026
Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoelocalip parameter at bswpppoe.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted POST request...
NETGEAR R8500、XR300、R7000P和R6400v2 安全漏洞
NETGEAR R6400v2 and others are products of NETGEAR USA.NETGEAR R6400v2 is a router.NETGEAR R7000P is a wireless router.NETGEAR XR300 is a wireless router. A security vulnerability exists in NETGEAR R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128, which originates from...
PT-2024-8260 · NetGear · Netgear R6400V2 +2
Name of the Vulnerable Software and Affected Versions: Netgear XR300 version 1.0.3.78 Netgear R7000P version 1.3.3.154 Netgear R6400 v2 version 1.0.4.128 Description: The issue is related to a buffer overflow in the bsw pppoe.cgi script of Netgear router firmware, specifically when handling the...
NETGEAR R8500 安全漏洞
The NETGEAR R8500 is a wireless router from NETGEAR. A security vulnerability exists in the NETGEAR R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128, which originates from the pptpuserip parameter in the bswpptp.cgi component contains a buffer overflow vulnerability...
The vulnerability of the httpd daemon in the NETGEAR R7000P router’s embedded software allows a hacker to execute arbitrary code.
The vulnerability of the httpd daemon in the NETGEAR R7000P router’s embedded software is related to a buffer overflow exploit through the enablebandsteering parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the built-in software of NETGEAR R7000, R6900P, and R7000P routers lies in the lack of measures to sanitize input data, allowing attackers to execute arbitrary commands.
The vulnerability of the embedded software of NETGEAR R7000, R6900P, and R7000P routers lies in the lack of measures for cleaning incoming data. Exploiting this vulnerability can allow a remote attacker to execute arbitrary commands...
The vulnerability of the built-in software of NETGEAR XR300, R7000P, and R6900P routers lies in the lack of measures to sanitize input data, allowing attackers to execute arbitrary commands.
The vulnerability of NETGEAR XR300, R7000P, and R6900P router’s built-in software lies in the lack of measures for cleaning input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
CVE-2021-45673
Certain NETGEAR devices are affected by stored XSS. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RAX200 before 1.0.3.106, R7000P before 1.3.3.140, RAX80 before 1.0.3.106, R6900P before 1.3.3.140, and RAX75 before 1.0.3.106...