Lucene search

K
NetgearRs400 Firmware

10 matches found

CVE
CVE
added 2021/11/15 4:15 p.m.114 views

CVE-2021-34991

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400v2 1.0.4.106_10.0.80 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UPnP service, which listens on TCP port 5000 by de...

8.8CVSS8.9AI score0.00565EPSS
CVE
CVE
added 2021/03/29 9:15 p.m.56 views

CVE-2021-27239

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upnpd service, which listens on UD...

8.8CVSS9AI score0.01925EPSS
CVE
CVE
added 2023/03/29 7:15 p.m.52 views

CVE-2022-27644

This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloading of files v...

8.8CVSS6.3AI score0.00092EPSS
CVE
CVE
added 2021/12/26 1:15 a.m.46 views

CVE-2021-45606

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R6400 before 1.0.1.70, R7000 before 1.0.11.126, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX200 before 1.0.4.120,...

8.8CVSS8.7AI score0.00336EPSS
CVE
CVE
added 2023/03/29 7:15 p.m.46 views

CVE-2022-27642

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service. The issue results from incorrect str...

8.8CVSS7.2AI score0.00037EPSS
CVE
CVE
added 2021/12/26 1:15 a.m.41 views

CVE-2021-45679

Certain NETGEAR devices are affected by privilege escalation. This affects R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, and RS400 before 1.5.1.80.

8.4CVSS7AI score0.00463EPSS
CVE
CVE
added 2023/03/29 7:15 p.m.41 views

CVE-2022-27643

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SOAP requests. When parsing the SOAPAc...

8.8CVSS8.8AI score0.04651EPSS
CVE
CVE
added 2023/03/29 7:15 p.m.40 views

CVE-2022-27646

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists w...

8.8CVSS8.4AI score0.01475EPSS
CVE
CVE
added 2023/03/29 7:15 p.m.40 views

CVE-2022-27647

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists w...

8CVSS8AI score0.00064EPSS
CVE
CVE
added 2021/12/26 1:15 a.m.38 views

CVE-2021-45549

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects LAX20 before 1.1.6.28, MK62 before 1.1.6.122, MR60 before 1.1.6.122, MS60 before 1.1.6.122, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.116, R7000P b...

8.4CVSS6.8AI score0.00405EPSS