14 matches found
EUVD-2018-3148
Malware in sbrugna...
CVE-2018-21123
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects WC7500 before 6.5.3.9, WC7520 before 6.5.3.9, WC7600v1 before 6.5.3.9, and WC7600v2 before 6.5.3.9...
CVE-2018-21123
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects WC7500 before 6.5.3.9, WC7520 before 6.5.3.9, WC7600v1 before 6.5.3.9, and WC7600v2 before 6.5.3.9...
Command injection
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects WC7500 before 6.5.3.9, WC7520 before 6.5.3.9, WC7600v1 before 6.5.3.9, and WC7600v2 before 6.5.3.9...
CVE-2018-21123
CVE-2018-21123 affects NETGEAR WC7500, WC7520, WC7600v1, and WC7600v2 prior to version 6.5.3.9. The issue is a pre-authentication command injection vulnerability (attack vector: adjacent network; low attack complexity; no authentication required) with impact to confidentiality, integrity, and ava...
CVE-2018-21123
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects WC7500 before 6.5.3.9, WC7520 before 6.5.3.9, WC7600v1 before 6.5.3.9, and WC7600v2 before 6.5.3.9...
CVE-2018-11106
NETGEAR has released fixes for a pre-authentication command injection in requesthandler.php security vulnerability on the following product models: WC7500, running firmware versions prior to 6.5.3.5; WC7520, running firmware versions prior to 2.5.0.46; WC7600v1, running firmware versions prior to...
Command injection
NETGEAR has released fixes for a pre-authentication command injection in requesthandler.php security vulnerability on the following product models: WC7500, running firmware versions prior to 6.5.3.5; WC7520, running firmware versions prior to 2.5.0.46; WC7600v1, running firmware versions prior to...
CVE-2018-11106
NETGEAR has released fixes for a pre-authentication command injection in requesthandler.php security vulnerability on the following product models: WC7500, running firmware versions prior to 6.5.3.5; WC7520, running firmware versions prior to 2.5.0.46; WC7600v1, running firmware versions prior to...
CVE-2018-11106
NETGEAR devices affected: WC7500, WC7520, WC7600v1, WC7600v2, and WC9500. Issue: pre-authentication command injection in request_handler.php. Root cause: improper handling in the PHP request handler allows arbitrary commands to be executed before authentication. Impact (as stated): high confident...
CVE-2016-11022
NETGEAR Prosafe WC9500 5.1.0.17, WC7600 5.1.0.17, and WC7520 2.5.0.35 devices allow a remote attacker to execute code with root privileges via shell metacharacters in the reqMethod parameter to loginhandler.php...
Code injection
NETGEAR Prosafe WC9500 5.1.0.17, WC7600 5.1.0.17, and WC7520 2.5.0.35 devices allow a remote attacker to execute code with root privileges via shell metacharacters in the reqMethod parameter to loginhandler.php...
CVE-2016-11022
NETGEAR Prosafe WC9500 5.1.0.17, WC7600 5.1.0.17, and WC7520 2.5.0.35 devices allow a remote attacker to execute code with root privileges via shell metacharacters in the reqMethod parameter to loginhandler.php...
CVE-2016-11022
CVE-2016-11022 affects NETGEAR Prosafe WC9500 (v5.1.0.17), WC7600 (v5.1.0.17), and WC7520 (v2.5.0.35). A remote attacker can achieve code execution with root privileges by supplying shell metacharacters in the reqMethod parameter to login_handler.php. The entry explicitly describes remote code ex...