Filtered by vendor Netgear
Subscriptions
Total
1306 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-54806 | 1 Netgear | 2 Wnr854t, Wnr854t Firmware | 2025-04-17 | 9.8 Critical |
| Netgear WNR854T 1.5.2 (North America) is vulnerable to Arbitrary command execution in cmd.cgi which allows for the execution of system commands via the web interface. | ||||
| CVE-2024-54807 | 1 Netgear | 2 Wnr854t, Wnr854t Firmware | 2025-04-17 | 9.8 Critical |
| In Netgear WNR854T 1.5.2 (North America), the UPNP service is vulnerable to command injection in the function addmap_exec which parses the NewInternalClient parameter of the AddPortMapping SOAPAction into a system call without sanitation. An attacker can send a specially crafted SOAPAction request for AddPortMapping via the router's WANIPConn1 service to achieve arbitrary command execution. | ||||
| CVE-2024-54808 | 1 Netgear | 2 Wnr854t, Wnr854t Firmware | 2025-04-17 | 9.8 Critical |
| Netgear WNR854T 1.5.2 (North America) contains a stack-based buffer overflow vulnerability in the SetDefaultConnectionService function due to an unconstrained use of sscanf. The vulnerability allows for control of the program counter and can be utilized to achieve arbitrary code execution. | ||||
| CVE-2024-54809 | 1 Netgear | 2 Wnr854t, Wnr854t Firmware | 2025-04-17 | 9.8 Critical |
| Netgear Inc WNR854T 1.5.2 (North America) contains a stack-based buffer overflow vulnerability in the parse_st_header function due to use of a request header parameter in a strncpy where size is determined based on the input specified. By sending a specially crafted packet, an attacker can take control of the program counter and hijack control flow of the program to execute arbitrary system commands. | ||||
| CVE-2022-46424 | 1 Netgear | 2 Xwn5001, Xwn5001 Firmware | 2025-04-16 | 8.1 High |
| An exploitable firmware modification vulnerability was discovered on the Netgear XWN5001 Powerline 500 WiFi Access Point. An attacker can conduct a MITM (Man-in-the-Middle) attack to modify the user-uploaded firmware image and bypass the CRC check, allowing attackers to execute arbitrary code or cause a Denial of Service (DoS). This affects v0.4.1.1 and earlier. | ||||
| CVE-2022-4390 | 1 Netgear | 2 Ax2400, Ax2400 Firmware | 2025-04-14 | 10 Critical |
| A network misconfiguration is present in versions prior to 1.0.9.90 of the NETGEAR RAX30 AX2400 series of routers. IPv6 is enabled for the WAN interface by default on these devices. While there are firewall restrictions in place that define access restrictions for IPv4 traffic, these restrictions do not appear to be applied to the WAN interface for IPv6. This allows arbitrary access to any services running on the device that may be inadvertently listening via IPv6, such as the SSH and Telnet servers spawned on ports 22 and 23 by default. This misconfiguration could allow an attacker to interact with services only intended to be accessible by clients on the local network. | ||||
| CVE-2015-8263 | 1 Netgear | 2 Wnr1000v3, Wnr1000v3 Firmware | 2025-04-12 | N/A |
| NETGEAR WNR1000v3 devices with firmware 1.0.2.68 use the same source port number for every DNS query, which makes it easier for remote attackers to spoof responses by selecting that number for the destination port. | ||||
| CVE-2015-8288 | 1 Netgear | 4 D3600, D3600 Firmware, D6000 and 1 more | 2025-04-12 | N/A |
| NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier use the same hardcoded private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation. | ||||
| CVE-2016-1349 | 7 Cisco, Intel, Netgear and 4 more | 7 Ios Xe, Core I5-9400f Firmware, Jr6150 Firmware and 4 more | 2025-04-12 | N/A |
| The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 through 3.7 allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in a Smart Install packet, aka Bug ID CSCuv45410. | ||||
| CVE-2016-5675 | 2 Netgear, Nuuo | 4 Readynas Surveillance, Crystal, Nvrmini 2 and 1 more | 2025-04-12 | N/A |
| handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, NUUO Crystal 2.2.1 through 3.2.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the NTPServer parameter. | ||||
| CVE-2016-5674 | 2 Netgear, Nuuo | 3 Readynas Surveillance, Nvrmini 2, Nvrsolo | 2025-04-12 | N/A |
| __debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the log parameter. | ||||
| CVE-2016-5679 | 2 Netgear, Nuuo | 2 Readynas Surveillance, Nvrmini 2 | 2025-04-12 | N/A |
| cgi-bin/cgi_main in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the sn parameter to the transfer_license command. | ||||
| CVE-2015-8289 | 1 Netgear | 4 D3600, D3600 Firmware, D6000 and 1 more | 2025-04-12 | N/A |
| The password-recovery feature on NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier allows remote attackers to discover the cleartext administrator password by reading the cgi-bin/passrec.asp HTML source code. | ||||
| CVE-2016-1346 | 6 Cisco, Dell, Netgear and 3 more | 6 Telepresence Server Mse 8710, Emc Powerscale Onefs, Jr6150 Firmware and 3 more | 2025-04-12 | N/A |
| The kernel in Cisco TelePresence Server 3.0 through 4.2(4.18) on Mobility Services Engine (MSE) 8710 devices allows remote attackers to cause a denial of service (panic and reboot) via a crafted sequence of IPv6 packets, aka Bug ID CSCuu46673. | ||||
| CVE-2014-4864 | 1 Netgear | 1 Prosafe Firmware | 2025-04-12 | N/A |
| The NETGEAR ProSafe Plus Configuration Utility creates configuration backup files containing cleartext passwords, which might allow remote attackers to obtain sensitive information by reading a file. | ||||
| CVE-2015-6312 | 5 Cisco, Dell, Netgear and 2 more | 9 Telepresence Server 7010, Telepresence Server Mse 8710, Telepresence Server On Multiparty Media 310 and 6 more | 2025-04-12 | N/A |
| Cisco TelePresence Server 3.1 on 7010, Mobility Services Engine (MSE) 8710, Multiparty Media 310 and 320, and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (device reload) via malformed STUN packets, aka Bug ID CSCuv01348. | ||||
| CVE-2016-1525 | 1 Netgear | 1 Prosafe Network Management Software 300 | 2025-04-12 | N/A |
| Directory traversal vulnerability in data/config/image.do in NETGEAR Management System NMS300 1.5.0.11 and earlier allows remote authenticated users to read arbitrary files via a .. (dot dot) in the realName parameter. | ||||
| CVE-2014-2969 | 1 Netgear | 2 Gs108pe, Gs108pe Firmware | 2025-04-12 | N/A |
| NETGEAR GS108PE Prosafe Plus switches with firmware 1.2.0.5 have a hardcoded password of debugpassword for the ntgruser account, which allows remote attackers to upload firmware or read or modify memory contents, and consequently execute arbitrary code, via a request to (1) produce_burn.cgi, (2) register_debug.cgi, or (3) bootcode_update.cgi. | ||||
| CVE-2016-1348 | 6 Cisco, Netgear, Samsung and 3 more | 6 Ios Xe, Jr6150 Firmware, X14j Firmware and 3 more | 2025-04-12 | N/A |
| Cisco IOS 15.0 through 15.5 and IOS XE 3.3 through 3.16 allow remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 Relay message, aka Bug ID CSCus55821. | ||||
| CVE-2016-1524 | 1 Netgear | 1 Prosafe Network Management Software 300 | 2025-04-12 | N/A |
| Multiple unrestricted file upload vulnerabilities in NETGEAR Management System NMS300 1.5.0.11 and earlier allow remote attackers to execute arbitrary Java code by using (1) fileUpload.do or (2) lib-1.0/external/flash/fileUpload.do to upload a JSP file, and then accessing it via a direct request for a /null URI. | ||||