R7000p Firmware Security Vulnerabilities and Issues — R7000p Firmware CVE List

Lucene search

NetgearR7000p Firmware

32 matches found

CVE•added 2021/09/21 6:15 p.m.•77 views

CVE-2021-40847

The update process of the Circle Parental Control Service on various NETGEAR routers allows remote attackers to achieve remote code execution as root via a MitM attack. While the parental controls themselves are not enabled by default on the routers, the Circle update daemon, circled, is enabled by...

9.3CVSS8.2AI score0.06129EPSS

CVE•added 2020/12/30 12:15 a.m.•70 views

CVE-2020-35795

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, CBK40 before 2.5.0.10, CBR40 before 2.5.0.10, D7800 before 1.0.1.58, EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX7500 be...

9.8CVSS9.7AI score0.00556EPSS

CVE•added 2022/12/30 8:15 a.m.•69 views

CVE-2022-48196

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects RAX40 before 1.0.2.60, RAX35 before 1.0.2.60, R6400v2 before 1.0.4.122, R6700v3 before 1.0.4.122, R6900P before 1.3.3.152, R7000P before 1.3.3.152, R7000 before 1.0.11.136, R7960P before 1.4.4.94,...

9.8CVSS9.7AI score0.00457EPSS

CVE•added 2022/11/22 2:15 p.m.•66 views

CVE-2022-44199

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter openvpn_server_ip.

9.8CVSS9.4AI score0.00334EPSS

CVE•added 2020/12/30 12:15 a.m.•64 views

CVE-2020-35798

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects R6400v2 before 1.0.4.84, R6700v3 before 1.0.4.84, R6900P before 1.3.2.124, R7000 before 1.0.11.100, R7000P before 1.3.2.124, R7800 before 1.0.2.74, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7...

9.3CVSS8AI score0.00376EPSS

CVE•added 2020/04/16 8:15 p.m.•62 views

CVE-2019-20730

Certain NETGEAR devices are affected by SQL injection. This affects D3600 before 1.0.0.68, D6000 before 1.0.0.68, D6200 before 1.1.00.28, D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7000v2 before 1.0.0.74, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DC112A before 1.0.0.4...

9.8CVSS9.8AI score0.00395EPSS

CVE•added 2020/12/30 12:15 a.m.•58 views

CVE-2020-35800

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, CBK40 before 2.5.0.10, CBR40 before 2.5.0.10, D6000 before 1.0.0.80, D6220 before 1.0.0.60, D6400 before 1.0.0.94, D7000v2 befor...

9.7CVSS9.2AI score0.01246EPSS

CVE•added 2022/11/22 2:15 p.m.•56 views

CVE-2022-44187

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via wan_dns1_pri.

9.8CVSS9.4AI score0.00334EPSS

CVE•added 2022/11/22 2:15 p.m.•56 views

CVE-2022-44194

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameters apmode_dns1_pri and apmode_dns1_sec.

9.8CVSS9.4AI score0.00231EPSS

CVE•added 2022/11/22 2:15 p.m.•55 views

CVE-2022-44191

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameters KEY1 and KEY2.

9.8CVSS9.4AI score0.00334EPSS

CVE•added 2022/11/22 2:15 p.m.•55 views

CVE-2022-44193

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameters: starthour, startminute , endhour, and endminute.

9.8CVSS9.4AI score0.00334EPSS

CVE•added 2022/11/22 2:15 p.m.•50 views

CVE-2022-44200

Netgear R7000P V1.3.0.8, V1.3.1.64 is vulnerable to Buffer Overflow via parameters: stamode_dns1_pri and stamode_dns1_sec.

9.8CVSS9.4AI score0.00334EPSS

CVE•added 2022/11/22 3:15 p.m.•49 views

CVE-2022-44184

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_sec.

9.8CVSS9.4AI score0.00334EPSS

CVE•added 2022/11/22 2:15 p.m.•48 views

CVE-2022-44188

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter enable_band_steering.

9.8CVSS9.3AI score0.00334EPSS

CVE•added 2022/11/22 2:15 p.m.•47 views

CVE-2022-44186

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_pri.

9.8CVSS9.4AI score0.00334EPSS

CVE•added 2022/11/22 2:15 p.m.•47 views

CVE-2022-44190

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter enable_band_steering.

9.8CVSS9.4AI score0.00334EPSS

CVE•added 2022/11/22 2:15 p.m.•47 views

CVE-2022-44198

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter openvpn_push1.

9.8CVSS9.4AI score0.00334EPSS

CVE•added 2023/02/13 5:15 a.m.•46 views

CVE-2022-48322

NETGEAR Nighthawk WiFi Mesh systems and routers are affected by a stack-based buffer overflow vulnerability. This affects MR60 before 1.1.7.132, MS60 before 1.1.7.132, R6900P before 1.3.3.154, R7000P before 1.3.3.154, R7960P before 1.4.4.94, and R8000P before 1.4.4.94.

9.8CVSS9.6AI score0.00334EPSS

CVE•added 2021/12/26 1:15 a.m.•44 views

CVE-2021-45638

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.68, D6400 before 1.0.0.102, D7000v2 before 1.0.0.74, D8500 before 1.0.3.60, DC112A before 1.0.0.56, R6300v2 before 1.0.4.50, R6400 before 1.0.1.68, R7000 before 1.0....

9.8CVSS9.7AI score0.00312EPSS

CVE•added 2022/11/22 2:15 p.m.•44 views

CVE-2022-44197

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter openvpn_server_ip.

9.8CVSS9.4AI score0.00334EPSS

CVE•added 2023/09/01 4:15 p.m.•43 views

CVE-2023-36187

Buffer Overflow vulnerability in NETGEAR R6400v2 before version 1.0.4.118, allows remote unauthenticated attackers to execute arbitrary code via crafted URL to httpd.

9.8CVSS9.7AI score0.04535EPSS

CVE•added 2020/04/29 2:15 p.m.•42 views

CVE-2017-18853

Certain NETGEAR devices are affected by password recovery and file access. This affects D8500 1.0.3.27 and earlier, DGN2200v4 1.0.0.82 and earlier, R6300v2 1.0.4.06 and earlier, R6400 1.0.1.20 and earlier, R6400v2 1.0.2.18 and earlier, R6700 1.0.1.22 and earlier, R6900 1.0.1.20 and earlier, R7000 1...

9.6CVSS6.6AI score0.0041EPSS

CVE•added 2021/12/26 1:15 a.m.•42 views

CVE-2021-45624

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D7000v2 before 1.0.0.66, D8500 before 1.0.3.58, R7000 before 1.0.11.110, R7100LG before 1.0.0.72, R7900 before 1.0.4.30, R8000 before 1.0.4.62, XR300 before 1.0.3.56, R7000P before 1.3.2.132, R850...

9.8CVSS9.7AI score0.01194EPSS

CVE•added 2021/12/26 1:15 a.m.•41 views

CVE-2021-45512

Certain NETGEAR devices are affected by weak cryptography. This affects D7000v2 before 1.0.0.62, D8500 before 1.0.3.50, EX3700 before 1.0.0.84, EX3800 before 1.0.0.84, EX6120 before 1.0.0.54, EX6130 before 1.0.0.36, EX7000 before 1.0.1.90, R6250 before 1.0.4.42, R6400v2 before 1.0.4.98, R6700v3 bef...

9.8CVSS9.3AI score0.00157EPSS

CVE•added 2021/12/26 1:15 a.m.•41 views

CVE-2021-45609

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D8500 before 1.0.3.58, R6250 before 1.0.4.48, R7000 before 1.0.11.116, R7100LG before 1.0.0.64, R7900 before 1.0.4.38, R8300 before 1.0.2.144, R8500 before 1.0.2.144, XR300 before 1.0.3.68, R7000P...

9.8CVSS9.7AI score0.00342EPSS

CVE•added 2021/12/26 1:15 a.m.•40 views

CVE-2021-45625

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects XR300 before 1.0.3.68, R7000P before 1.3.3.140, and R6900P before 1.3.3.140.

9.8CVSS9.7AI score0.01194EPSS

CVE•added 2021/03/23 7:15 a.m.•39 views

CVE-2021-29068

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R6700v3 before 1.0.4.98, R6400v2 before 1.0.4.98, R7000 before 1.0.11.106, R6900P before 1.3.2.124, R7000P before 1.3.2.124, R7900 before 1.0.4.26, R7850 before 1.0.5.60, R8000 before 1.0.4.58, RS400 be...

9.9CVSS8.8AI score0.00552EPSS

CVE•added 2021/12/26 1:15 a.m.•39 views

CVE-2021-45527

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.68, D6400 before 1.0.0.102, D7000v2 before 1.0.0.66, D8500 before 1.0.3.58, DC112A before 1.0.0.54, EX7000 before 1.0.1.94, EX7500 before 1.0.0.72, R6250 before 1.0.4.48, R6300v2 befo...

9.8CVSS9.5AI score0.01241EPSS

CVE•added 2022/11/22 2:15 p.m.•39 views

CVE-2022-44196

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter openvpn_push1.

9.8CVSS9.3AI score0.00334EPSS

CVE•added 2021/12/26 1:15 a.m.•38 views

CVE-2021-45650

Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RS400 before 1.5.1.80, R6400v2 before 1.0.4.102, R7000P before 1.3.2.126, R6700v3 before 1.0.4.102, and R6900P before 1.3.2.126.

9.1CVSS7.4AI score0.00268EPSS

CVE•added 2020/04/23 8:15 p.m.•35 views

CVE-2018-21134

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects R6700 before 1.0.1.48, R7900 before 1.0.2.16, R6900 before 1.0.1.48, R7000P before 1.3.1.44, R6900P before 1.3.1.44, R6250 before 1.0.4.30, R6300v2 before 1.0.4.32, R6400 before 1.0.1....

9.8CVSS9.7AI score0.00528EPSS

CVE•added 2021/12/26 1:15 a.m.•34 views

CVE-2021-45500

Certain NETGEAR devices are affected by authentication bypass. This affects R7000P before 1.3.3.140 and R8000 before 1.0.4.68.

9.6CVSS8.7AI score0.00117EPSS