Ex8000 Firmware Security Vulnerabilities and Issues — Ex8000 Firmware CVE List

Lucene search

NetgearEx8000 Firmware

9 matches found

cve•added 2021/03/05 8:15 p.m.•72 views

CVE-2021-27254

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800. Authentication is not required to exploit this vulnerability. The specific flaw exists within the apply_save.cgi endpoint. This issue results from the use of hard-coded encrypti...

8.8CVSS9AI score0.00062EPSS

cve•added 2021/03/05 8:15 p.m.•68 views

CVE-2021-27255

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the refresh_status.aspx endpoint. The issue results from a lack of...

8.8CVSS9AI score0.01232EPSS

cve•added 2021/03/05 8:15 p.m.•67 views

CVE-2021-27256

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists wit...

8.8CVSS8.8AI score0.0041EPSS

cve•added 2020/12/30 12:15 a.m.•66 views

CVE-2020-35787

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.36, D7000 before 1.0.1.70, EX6200v2 before 1.0.1.78, EX7000 before 1.0.1.78, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 bef...

8CVSS7.9AI score0.00139EPSS

cve•added 2021/02/12 12:15 a.m.•61 views

CVE-2020-27861

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Orbi 2.5.1.16 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UA_Parser utility. A crafted Host Name option in a DHCP reques...

8.8CVSS8.8AI score0.00441EPSS

cve•added 2021/04/14 4:15 p.m.•44 views

CVE-2021-27251

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Authentication is not required to exploit this vulnerability The specific flaw exists within handling of firmware updates. The issue results from a fallback to a inse...

8.8CVSS8.8AI score0.00217EPSS

cve•added 2021/04/14 4:15 p.m.•40 views

CVE-2021-27253

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling...

8.8CVSS8.8AI score0.00545EPSS

cve•added 2021/04/14 4:15 p.m.•36 views

CVE-2021-27252

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the vendor_specific DHCP opcode. The iss...

8.8CVSS8.8AI score0.0041EPSS

cve•added 2023/03/29 7:15 p.m.•35 views

CVE-2022-27641

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB module. The issue results from the lack of ...

8.8CVSS8.9AI score0.0014EPSS