Filtered by vendor Netgear
Subscribe
Total
1285 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-44193 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-04-29 | N/A | 9.8 CRITICAL |
| Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameters: starthour, startminute , endhour, and endminute. | |||||
| CVE-2022-44191 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-04-29 | N/A | 9.8 CRITICAL |
| Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameters KEY1 and KEY2. | |||||
| CVE-2022-44190 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-04-29 | N/A | 9.8 CRITICAL |
| Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter enable_band_steering. | |||||
| CVE-2022-44188 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-04-29 | N/A | 9.8 CRITICAL |
| Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter enable_band_steering. | |||||
| CVE-2022-44187 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-04-29 | N/A | 9.8 CRITICAL |
| Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via wan_dns1_pri. | |||||
| CVE-2022-44186 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-04-29 | N/A | 9.8 CRITICAL |
| Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_pri. | |||||
| CVE-2022-44184 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-04-29 | N/A | 9.8 CRITICAL |
| Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_sec. | |||||
| CVE-2024-54802 | 1 Netgear | 2 Wnr854t, Wnr854t Firmware | 2025-04-22 | N/A | 9.8 CRITICAL |
| In Netgear WNR854T 1.5.2 (North America), the UPNP service (/usr/sbin/upnp) is vulnerable to stack-based buffer overflow in the M-SEARCH Host header. | |||||
| CVE-2024-54803 | 1 Netgear | 2 Wnr854t, Wnr854t Firmware | 2025-04-22 | N/A | 9.8 CRITICAL |
| Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. An attacker can send a specially crafted request to post.cgi, updating the nvram parameter pppoe_peer_mac and forcing a reboot. This will result in command injection. | |||||
| CVE-2024-51006 | 1 Netgear | 2 R8500, R8500 Firmware | 2025-04-22 | N/A | 5.7 MEDIUM |
| Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the ipv6_static_ip parameter in the ipv6_tunnel function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-51001 | 1 Netgear | 2 R8500, R8500 Firmware | 2025-04-22 | N/A | 5.7 MEDIUM |
| Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the sysDNSHost parameter at ddns.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-51000 | 1 Netgear | 2 R8500, R8500 Firmware | 2025-04-22 | N/A | 5.7 MEDIUM |
| Netgear R8500 v1.0.2.160 was discovered to contain multiple stack overflow vulnerabilities in the component wireless.cgi via the opmode, opmode_an, and opmode_an_2 parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-50999 | 1 Netgear | 2 R8500, R8500 Firmware | 2025-04-22 | N/A | 5.7 MEDIUM |
| Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sysNewPasswd parameter at password.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. | |||||
| CVE-2024-50998 | 1 Netgear | 2 R8500, R8500 Firmware | 2025-04-22 | N/A | 5.7 MEDIUM |
| Netgear R8500 v1.0.2.160 was discovered to contain multiple stack overflow vulnerabilities in the component openvpn.cgi via the openvpn_service_port and openvpn_service_port_tun parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-50995 | 1 Netgear | 2 R8500, R8500 Firmware | 2025-04-22 | N/A | 5.7 MEDIUM |
| Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the share_name parameter at usb_remote_smb_conf.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-50994 | 1 Netgear | 2 R8500, R8500 Firmware | 2025-04-22 | N/A | 5.7 MEDIUM |
| Netgear R8500 v1.0.2.160 was discovered to contain multiple stack overflow vulnerabilities in the component ipv6_fix.cgi via the ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length, and ipv6_lan_length parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-50993 | 1 Netgear | 2 R8500, R8500 Firmware | 2025-04-22 | N/A | 8.0 HIGH |
| Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sysNewPasswd parameter at admin_account.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. | |||||
| CVE-2025-29044 | 1 Netgear | 2 R6100, R6100 Firmware | 2025-04-21 | N/A | 9.8 CRITICAL |
| Buffer Overflow vulnerability in Netgear- R61 router V1.0.1.28 allows a remote attacker to execute arbitrary code via the QUERY_STRING key value | |||||
| CVE-2016-1556 | 1 Netgear | 12 Wn604, Wn604 Firmware, Wnap320 and 9 more | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| Information disclosure in Netgear WN604 before 3.3.3; WNAP210, WNAP320, WNDAP350, and WNDAP360 before 3.5.5.0; and WND930 before 2.0.11 allows remote attackers to read the wireless WPS PIN or passphrase by visiting unauthenticated webpages. | |||||
| CVE-2017-2137 | 1 Netgear | 1 Prosafe Plus Configuration Utility | 2025-04-20 | 4.3 MEDIUM | 3.7 LOW |
| ProSAFE Plus Configuration Utility prior to 2.3.29 allows remote attackers to bypass access restriction and change configurations of the switch via SOAP requests. | |||||