Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Netgear Subscribe
Total 1197 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-24498 1 Netgear 2 Prosafe Fs726tp, Prosafe Fs726tp Firmware 2024-11-21 N/A 7.5 HIGH
An uspecified endpoint in the web server of the switch does not properly authenticate the user identity, and may allow downloading a config page with the password to the switch in clear text.
CVE-2023-1327 1 Netgear 2 Rax30, Rax30 Firmware 2024-11-21 N/A 9.8 CRITICAL
Netgear RAX30 (AX2400), prior to version 1.0.6.74, was affected by an authentication bypass vulnerability, allowing an unauthenticated attacker to gain administrative access to the device's web management interface by resetting the admin password.
CVE-2023-0850 1 Netgear 2 Wndr3700, Wndr3700 Firmware 2024-11-21 3.3 LOW 2.7 LOW
A vulnerability was found in Netgear WNDR3700v2 1.0.1.14 and classified as problematic. This issue affects some unknown processing of the component Web Interface. The manipulation leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221153 was assigned to this vulnerability.
CVE-2023-0849 1 Netgear 2 Wndr3700, Wndr3700 Firmware 2024-11-21 5.8 MEDIUM 4.7 MEDIUM
A vulnerability has been found in Netgear WNDR3700v2 1.0.1.14 and classified as critical. This vulnerability affects unknown code of the component Web Interface. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221152.
CVE-2023-0848 1 Netgear 2 Wndr3700, Wndr3700 Firmware 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
A vulnerability was found in Netgear WNDR3700v2 1.0.1.14. It has been rated as problematic. This issue affects some unknown processing of the component Web Management Interface. The manipulation leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221147.
CVE-2022-44200 1 Netgear 2 R7000p, R7000p Firmware 2024-11-21 N/A 9.8 CRITICAL
Netgear R7000P V1.3.0.8, V1.3.1.64 is vulnerable to Buffer Overflow via parameters: stamode_dns1_pri and stamode_dns1_sec.
CVE-2022-44199 1 Netgear 2 R7000p, R7000p Firmware 2024-11-21 N/A 9.8 CRITICAL
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter openvpn_server_ip.
CVE-2022-44198 1 Netgear 2 R7000p, R7000p Firmware 2024-11-21 N/A 9.8 CRITICAL
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter openvpn_push1.
CVE-2022-44197 1 Netgear 2 R7000p, R7000p Firmware 2024-11-21 N/A 9.8 CRITICAL
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter openvpn_server_ip.
CVE-2022-44196 1 Netgear 2 R7000p, R7000p Firmware 2024-11-21 N/A 9.8 CRITICAL
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter openvpn_push1.
CVE-2022-44194 1 Netgear 2 R7000p, R7000p Firmware 2024-11-21 N/A 9.8 CRITICAL
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameters apmode_dns1_pri and apmode_dns1_sec.
CVE-2022-44193 1 Netgear 2 R7000p, R7000p Firmware 2024-11-21 N/A 9.8 CRITICAL
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameters: starthour, startminute , endhour, and endminute.
CVE-2022-44191 1 Netgear 2 R7000p, R7000p Firmware 2024-11-21 N/A 9.8 CRITICAL
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameters KEY1 and KEY2.
CVE-2022-44190 1 Netgear 2 R7000p, R7000p Firmware 2024-11-21 N/A 9.8 CRITICAL
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter enable_band_steering.
CVE-2022-44188 1 Netgear 2 R7000p, R7000p Firmware 2024-11-21 N/A 9.8 CRITICAL
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter enable_band_steering.
CVE-2022-44187 1 Netgear 2 R7000p, R7000p Firmware 2024-11-21 N/A 9.8 CRITICAL
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via wan_dns1_pri.
CVE-2022-44186 1 Netgear 2 R7000p, R7000p Firmware 2024-11-21 N/A 9.8 CRITICAL
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_pri.
CVE-2022-44184 1 Netgear 2 R7000p, R7000p Firmware 2024-11-21 N/A 9.8 CRITICAL
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_sec.
CVE-2022-42221 1 Netgear 2 R6220, R6220 Firmware 2024-11-21 N/A 8.8 HIGH
Netgear R6220 v1.1.0.114_1.0.1 suffers from Incorrect Access Control, resulting in a command injection vulnerability.
CVE-2022-38956 1 Netgear 2 Wpn824ext, Wpn824ext Firmware 2024-11-21 N/A 5.3 MEDIUM
An exploitable firmware downgrade vulnerability was discovered on the Netgear WPN824EXT WiFi Range Extender. An attacker can conduct a MITM attack to replace the user-uploaded firmware image with an original old firmware image. This affects Firmware 1.1.1_1.1.9 and earlier.