Skip to main content

Netgear

748 CVEs vendor

Monthly

CVE-2026-62659 MEDIUM PATCH This Month

A security flaw was discovered in the NETGEAR WAX333 Access Point that could allow someone already logged in and connected to the local network to make unauthorized changes to the device's settings

Authentication Bypass Netgear Wax333
NVD
CVSS 4.0
4.3
EPSS
0.2%
CVE-2026-15757 MEDIUM Monitor

A security flaw was discovered in the NETGEAR DGND3700v1 that could allow someone on the same local WiFi network to send unauthorized commands to the device. This issue was identified through testing in a controlled research environment using a simulated version of the router's software and has not been confirmed on physical production devices.

Authentication Bypass Netgear Dgnd3700V1
NVD
CVSS 4.0
6.3
EPSS
0.2%
CVE-2026-62656 MEDIUM PATCH This Month

A security flaw was found in certain NETGEAR RAX models that could allow a logged-in user to send specially crafted requests to the router and run unauthorized commands. This could enable the user to make unauthorized changes to the router and affect its security and operation.

Authentication Bypass Netgear Raxe450 Raxe500
NVD
CVSS 4.0
5.4
EPSS
0.2%
CVE-2026-62655 MEDIUM PATCH This Month

Stack-based buffer overflow in multiple NETGEAR Orbi mesh WiFi models (RBR860, RBRE950/960, RBE970/971, RBS860, RBSE950/960) enables an unauthenticated adjacent-network attacker to crash or force a restart of the affected device, causing a loss of network connectivity. The root cause is CWE-121 (stack-based buffer overflow), meaning a crafted network payload can overwrite stack memory and destabilize the device process. The CVSS 4.0 supplemental metric E:P indicates a proof-of-concept exploit exists, elevating practical risk despite the moderate base score of 5.7.

Buffer Overflow Stack Overflow Netgear Rbr860 Rbre950 +6
NVD
CVSS 4.0
5.7
EPSS
0.2%
CVE-2026-62657 MEDIUM PATCH This Month

A security flaw in the router's certificate validation process was discovered in the NETGEAR XR1000 Gaming Router and certain Nighthawk models that could allow an unauthorized person to remotely access and take control of the device.

Authentication Bypass Netgear Mr70 Ms70 Raxe500 +1
NVD
CVSS 4.0
4.9
EPSS
0.1%
CVE-2026-62658 MEDIUM PATCH This Month

Post-authentication command execution in NETGEAR Nighthawk RAX-series routers (RAX43, RAX45, RAX50, RAX54S, RAX54Sv2) permits an attacker already holding administrative credentials and adjacent network access to run unauthorized OS-level commands or code on the device. Rooted in CWE-20 (Improper Input Validation), the flaw bypasses authorization controls within the authenticated management session, yielding high integrity impact on the vulnerable system. No public exploit identified at time of analysis, though the CVSS 4.0 supplemental metric E:P indicates proof-of-concept code exists; a vendor-released patch is available from NETGEAR.

Authentication Bypass Netgear Rax43 Rax45 Rax50 +2
NVD
CVSS 4.0
4.7
EPSS
0.2%
CVE-2026-0420 MEDIUM PATCH This Month

TLS certificate validation failure in the ReadyCloud client app on multiple NETGEAR router models exposes confidential data to network interception. The app does not properly validate TLS certificates (CWE-325), enabling a network-positioned attacker to perform man-in-the-middle (MiTM) attacks against ReadyCloud communications. Affected models include the RAX35, RAX38, RAX40, RAX120v1, and RAX120v2 running firmware below the patched versions; no public exploit code exists and no active exploitation has been confirmed.

Information Disclosure Netgear Rax120V1 Rax120V2 Rax35 +2
NVD VulDB
CVSS 4.0
4.6
EPSS
0.0%
CVE-2026-9212 MEDIUM PATCH This Month

Insufficient authentication (CWE-306) and input validation weaknesses across more than 25 NETGEAR router and mesh system models allow an adjacent-network attacker with low-level privileges to execute arbitrary commands and read sensitive configuration data, or alter certain device settings. The CVSS 4.0 vector confirms the attack is limited to adjacent network segments (AV:A) and requires low privileges (PR:L), with high confidentiality impact on both the vulnerable component and subsequent systems (VC:H, SC:H). No public exploit has been identified at time of analysis, and NETGEAR has self-reported the issue with patches available for all listed product lines.

Authentication Bypass Netgear Lbr1020 Lbr20 R6700Ax +22
NVD VulDB
CVSS 4.0
5.6
EPSS
0.1%
CVE-2026-0411 MEDIUM PATCH This Month

Information disclosure in NETGEAR Orbi satellite devices (RBR350, RBR760, RBS350, RBS760, RBE97x) allows a low-privileged user on the same network to obtain administrator access to the Orbi router. The flaw resides specifically in the satellite-to-router communication layer, as NETGEAR explicitly confirms Orbi systems deployed without satellites are unaffected. No public exploit exists (CVSS E:U) and CISA SSVC rates exploitation as none, but the high secondary impact scores (SC:H/SI:H/SA:H) reflect that successful exploitation yields full router compromise.

Information Disclosure Netgear Rbe97X Rbr350 Rbr760 +2
NVD VulDB
CVSS 4.0
4.2
EPSS
0.0%
CVE-2026-0415 MEDIUM PATCH This Month

Insufficient input validation across multiple NETGEAR Orbi mesh router models (RBR/RBS/RBE series) permits authenticated administrators on the local network to make unauthorized modifications to router software and functionality beyond their intended privilege scope. Affected are all firmware versions prior to V7.2.8.5 on most Orbi models and prior to V9.12.4.9 on the RBE97x series. No public exploit code exists and this vulnerability is not listed in the CISA KEV catalog; NETGEAR self-reported and has released patched firmware addressing the flaw.

Authentication Bypass Netgear Rbe97X Rbr750 Rbr840 +10
NVD VulDB
CVSS 4.0
4.3
EPSS
0.1%
CVE-2026-0414 MEDIUM PATCH This Month

Code injection in NETGEAR RBE97x routers (firmware prior to V9.12.4.9) enables authenticated administrators on the local network to make unauthorized modifications to router software and functionality beyond their sanctioned scope. The vulnerability stems from insufficient input validation (CWE-94), where administrator-supplied input is not properly sanitized before being processed, potentially allowing execution of injected code. No public exploit exists and CISA SSVC classifies exploitation status as 'none', making this a low-urgency but valid integrity risk for environments where shared or compromised admin accounts are a concern.

Code Injection Netgear RCE Rbe97X
NVD VulDB
CVSS 4.0
4.3
EPSS
0.0%
CVE-2026-0413 MEDIUM PATCH This Month

Stack-based buffer overflow in NETGEAR Orbi mesh router firmware (RBE, RBR, RBS series) enables authenticated administrators with local network access to submit malformed buffer input that bypasses validation and triggers unauthorized modification of router software and functionality. The attack surface is significantly constrained by the requirement for both administrative credentials (PR:H) and adjacent network positioning (AV:A), limiting realistic exposure to insider threats or scenarios where an attacker has already compromised admin credentials within the LAN. No public exploit identified at time of analysis, SSVC confirms exploitation status as none, and vendor-released patches are available across all affected model lines.

Netgear Stack Overflow Buffer Overflow Rbe37X Rbe77X +12
NVD VulDB
CVSS 4.0
4.3
EPSS
0.0%
CVE-2026-0417 MEDIUM PATCH This Month

Integrity tampering in NETGEAR router and mesh network firmware allows authenticated administrators on the local network to submit insufficiently validated input, modifying the router's configuration or internal state in unintended ways. Affected devices span at least 27 product lines including MR/MS mesh units and R-series routers, all running firmware below specific patched versions identified by NETGEAR (EUVD-2026-35460). No public exploit has been identified at time of analysis, SSVC assigns no active exploitation and non-automatable status, and NETGEAR has released patched firmware across all affected product lines.

Information Disclosure Netgear Mr60 Mr70 Mr80 +24
NVD VulDB
CVSS 4.0
4.3
EPSS
0.1%
CVE-2026-9210 MEDIUM PATCH This Month

Insufficient input validation across 30+ NETGEAR router, range extender, and mesh networking models enables local network-adjacent modification of router software and functionality. The CVSS 4.0 vector assigns PR:N (no privileges required) and AV:A (adjacent network), yet the CVE description scopes the vulnerability to 'authenticated administrators' - the 'Authentication Bypass' tag supplied by NETGEAR suggests the input validation flaw may itself circumvent authentication controls, reconciling this apparent conflict. Integrity impact is rated High (VI:H) against the vulnerable system, meaning successful exploitation allows unauthorized firmware or configuration modification. No public exploit is identified at time of analysis (E:U), and this CVE is not listed in the CISA KEV catalog.

Authentication Bypass Netgear Ex3700 Ex3800 Ex6120 +28
NVD
CVSS 4.0
4.9
EPSS
0.1%
CVE-2026-9213 MEDIUM PATCH This Month

Remote code execution affects NETGEAR gaming routers (XR1000, MR70, MS70, RAXE500) when an attacker holds an on-path man-in-the-middle position between the device and the internet. The CVSS 4.0 vector (AV:N/AC:H/AT:P/PR:N/UI:N) confirms no privileges are needed on the target device but requires both high attack complexity and a specific network prerequisite - the ability to intercept and tamper with upstream traffic. No public exploit identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog.

Information Disclosure Netgear Mr70 Ms70 Raxe500 +1
NVD VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2026-0419 MEDIUM This Month

OS command injection in NETGEAR JR6150 firmware (all versions ≤ 1.0.1.26) allows locally authenticated or WiFi-connected users to execute arbitrary operating system commands via insufficient input validation (CWE-20). The device reached End-of-Support in 2018 and NETGEAR will not release a patch, leaving all deployments permanently unmitigated. No public exploit code exists and active exploitation has not been confirmed (not listed in CISA KEV), but the perpetual absence of patching makes device replacement the only durable remediation.

Information Disclosure Netgear Jr6150
NVD VulDB
CVSS 4.0
4.4
EPSS
0.1%
CVE-2026-0412 MEDIUM This Month

Insufficient input validation in the NETGEAR JR6150 AC750 router (firmware ≤1.0.1.26) enables authenticated administrators on the local network to make unauthorized modifications to router software and functionality beyond their intended authorization scope. The device reached End-of-Support in 2018 and will receive no security patches. No public exploit code exists and no active exploitation has been identified; however, the device's permanent unpatched status makes risk acceptance or replacement the only long-term posture. The vulnerability was identified through firmware emulation and has not been verified on production hardware.

Authentication Bypass Netgear Jr6150
NVD VulDB
CVSS 4.0
4.3
EPSS
0.0%
CVE-2026-0409 MEDIUM PATCH This Month

Remote command execution in NETGEAR Orbi 370 series routers (firmware before V12.1.2.7) is achievable by a network-positioned adversary who can intercept and tamper with traffic between the device and the internet. Exploitation requires the device administrator to perform specific management actions while the attacker holds a man-in-the-middle position, at which point a buffer overflow (CWE-119) is triggered allowing arbitrary command execution on the device. No public exploit exists at time of analysis and the vendor has released a patching firmware (V12.1.2.7); no KEV listing has been issued by CISA.

Netgear Buffer Overflow Orbi 370
NVD VulDB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2026-24714 HIGH This Week

End-of-service Netgear devices with TelnetEnable functionality can have telnet service remotely activated via specially crafted magic packets, enabling unauthenticated remote access to the device. An attacker on the network can exploit this to gain command-line access without credentials, potentially leading to device compromise and lateral movement. No patch is available for affected products.

Netgear
NVD
CVSS 3.0
7.5
EPSS
0.1%
CVE-2022-40620 HIGH POC This Week

FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, does not properly validate TLS certificates when downloading update packages through its auto-update mechanism. [CVSS 7.7 HIGH]

Netgear TLS R6230 Firmware Rax120 Firmware R8900 Firmware +7
NVD
CVSS 3.1
7.7
EPSS
0.1%
CVE-2022-40619 HIGH POC This Week

FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, exposes an HTTP server over the LAN interface of affected devices. This interface is vulnerable to unauthenticated arbitrary command injection through the funjsq_access_token parameter. [CVSS 7.7 HIGH]

Netgear Command Injection R7000 Firmware Xr300 Firmware R6230 Firmware +7
NVD
CVSS 3.1
7.7
EPSS
0.8%
CVE-2026-0408 HIGH PATCH This Week

NETGEAR WiFi extenders (Ex5000, Ex6110, Ex2800, Ex3110) with improper path traversal validation allow authenticated LAN users to access the webproc configuration file and extract stored router credentials. An attacker with local network access can leverage this to obtain administrative credentials for further network compromise. A patch is available.

Netgear Path Traversal Ex5000 Firmware Ex6110 Firmware Ex2800 Firmware +1
NVD
CVSS 3.1
8.0
EPSS
0.1%
CVE-2026-0407 HIGH PATCH This Week

NETGEAR WiFi extenders (Ex3110, Ex6110, Ex5000, Ex2800) contain an authentication bypass vulnerability that allows network-adjacent attackers with WiFi access or physical Ethernet connectivity to gain unauthorized admin panel access. An attacker can exploit insufficient authentication validation to fully compromise the device's confidentiality, integrity, and availability. A patch is available for affected firmware versions.

Netgear Ex3110 Firmware Ex6110 Firmware Ex5000 Firmware Ex2800 Firmware
NVD
CVSS 3.1
8.0
EPSS
0.1%
CVE-2026-0406 HIGH PATCH This Week

NETGEAR XR1000v2 routers are vulnerable to OS command injection through inadequate input validation, enabling attackers with LAN access to execute arbitrary commands with elevated privileges. The vulnerability affects authenticated users on the local network and could allow complete router compromise including data interception and network manipulation. A patch is available.

Netgear Command Injection Xr1000v2 Firmware
NVD
CVSS 3.1
8.0
EPSS
0.0%
CVE-2026-0405 HIGH PATCH This Week

Unauthenticated administrative access in NETGEAR Orbi routers (CBR750, NBR750, RBE370, RBE371) allows local network attackers to bypass authentication and gain full admin control of the web interface. This high-severity vulnerability (CVSS 7.8) impacts all users on networks connected to affected devices, enabling attackers to modify router settings, potentially compromising network security and connected devices. A patch is available.

Netgear Authentication Bypass Rbs750 Firmware Rbe970 Firmware Rbr850 Firmware +22
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-0404 HIGH PATCH This Week

Authenticated attackers on the same network can execute arbitrary OS commands on NETGEAR Orbi routers (RBS860, RBR850, RBSE950) through improper validation of DHCPv6 input. The vulnerability requires local or WiFi network access but no user interaction, giving attackers full system compromise capabilities on affected devices. A patch is available for this high-severity flaw.

Netgear Command Injection Rbs860 Firmware Rbr850 Firmware Rbse950 Firmware +9
NVD
CVSS 3.1
8.0
EPSS
0.1%
CVE-2026-0403 HIGH PATCH This Week

NETGEAR Orbi routers (RBS850, RBE970, RBS750) are vulnerable to OS command injection through inadequate input validation, enabling attackers on the local network to execute arbitrary commands with elevated privileges. The vulnerability requires LAN access and low privileges but provides complete system compromise through high-impact code execution capabilities. A patch is available for affected firmware versions.

Netgear Command Injection Rbs850 Firmware Rbe970 Firmware Rbs750 Firmware +7
NVD
CVSS 3.1
8.0
EPSS
0.1%
CVE-2025-12944 MEDIUM This Month

Improper input validation in NETGEAR DGN2200v4 (N300 Wireless ADSL2+ Modem Router) allows attackers with direct network access to the device to potentially execute code on the device. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Netgear Dgn2200 Firmware
NVD
CVSS 4.0
6.8
EPSS
0.1%
CVE-2025-12943 MEDIUM This Month

Improper certificate validation in firmware update logic in NETGEAR RAX30 (Nighthawk AX5 5-Stream AX2400 WiFi 6 Router) and RAXE300 (Nighthawk AXE7800 Tri-Band WiFi 6E Router) allows attackers with. Rated medium severity (CVSS 5.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Netgear Rax30 Firmware Raxe300 Firmware
NVD
CVSS 4.0
5.2
EPSS
0.0%
CVE-2025-12942 MEDIUM Monitor

Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to. Rated medium severity (CVSS 4.8). No vendor patch available.

Information Disclosure Netgear R6260 Firmware R6850 Firmware
NVD
CVSS 4.0
4.8
EPSS
0.0%
CVE-2025-12940 LOW Monitor

Login credentials are inadvertently recorded in logs if a Syslog Server is configured in NETGEAR WAX610 and WAX610Y (AX1800 Dual Band PoE Multi-Gig Insight Managed WiFi 6 Access Points). Rated low severity (CVSS 0.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Netgear Wax610Y Firmware Wax610 Firmware
NVD
CVSS 4.0
0.5
EPSS
0.0%
CVE-2013-10063 MEDIUM POC THREAT This Month

A path traversal vulnerability exists in the Netgear SPH200D Skype phone firmware versions <= 1.0.4.80 in its embedded web server. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 47.8%.

Netgear Path Traversal
NVD Exploit-DB
CVSS 4.0
6.9
EPSS
47.8%
Threat
4.3
CVE-2013-10061 HIGH POC THREAT Act Now

An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN1000B model firmware versions 1.1.00.24 and 1.1.00.45) via the TimeToLive parameter in the setup.cgi. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 73.1%.

Netgear Command Injection Dgn1000B Firmware
NVD Exploit-DB
CVSS 4.0
8.6
EPSS
73.1%
Threat
5.4
CVE-2013-10060 CRITICAL POC THREAT Emergency

An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN2200B model) firmware versions 1.0.0.36 and prior via the pppoe.cgi endpoint. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 61.0%.

Netgear Command Injection Dgn2200B Firmware
NVD Exploit-DB
CVSS 4.0
9.4
EPSS
61.0%
Threat
5.2
CVE-2025-7407 LOW POC Monitor

A vulnerability, which was classified as critical, was found in Netgear D6400 1.0.0.114. This affects an unknown part of the file diag.cgi. The manipulation of the argument host_name leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early and confirmed the existence of the vulnerability. They reacted very quickly, professional and kind. This vulnerability only affects products that are no longer supported by the maintainer.

Command Injection Netgear
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.8%
CVE-2025-6565 HIGH POC This Week

CVE-2025-6565 is a critical stack-based buffer overflow vulnerability in Netgear WNCE3001 v1.0.0.50 affecting the HTTP POST request handler's Host parameter processing. An authenticated attacker can remotely exploit this to achieve complete system compromise including confidentiality, integrity, and availability violations. Public exploitation code exists, elevating immediate risk.

Buffer Overflow Netgear RCE
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-48890 CRITICAL Act Now

CVE-2025-48890 is a critical OS command injection vulnerability in the miniigd SOAP service affecting WRH-733GBK and WRH-733GWH network storage devices. Remote unauthenticated attackers can execute arbitrary OS commands by sending specially crafted requests, achieving complete system compromise (CVSS 9.8). With an attack vector of Network/Low complexity/No privileges required, this vulnerability poses immediate risk to exposed devices.

Command Injection RCE IoT Netgear
NVD
CVSS 3.0
9.8
EPSS
0.4%
CVE-2025-6511 HIGH POC This Week

CVE-2025-6511 is a critical stack-based buffer overflow vulnerability in Netgear EX6150 (version 1.0.0.46_1.0.76) affecting the sub_410090 function, allowing authenticated attackers to achieve remote code execution with high integrity, confidentiality, and availability impact. The vulnerability is publicly disclosed with proof-of-concept code available, and impacts only end-of-life products no longer receiving vendor support, elevating real-world exploitation risk for unpatched legacy deployments.

Buffer Overflow Netgear RCE Denial Of Service Ex6150 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-6510 HIGH POC This Week

CVE-2025-6510 is a critical stack-based buffer overflow vulnerability in Netgear EX6100 WiFi extender (version 1.0.2.28_1.1.138) affecting the sub_415EF8 function. An authenticated remote attacker can exploit this vulnerability to achieve arbitrary code execution with high integrity and availability impact. The vulnerability has public exploit disclosure and affects only end-of-life products no longer receiving vendor support.

Buffer Overflow Netgear RCE Ex6100 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-45986 CRITICAL POC Act Now

A critical unauthenticated remote command injection vulnerability exists in multiple Blink router models through the 'mac' parameter in the bs_SetMacBlack function, allowing attackers to execute arbitrary commands with full system privileges. Affected models include BL-WR9000 V2.4.9, BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5, BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0, BL-X26_AC8 v1.2.8, BLAC450M_AE4 v4.0.0, and BL-X26_DA3 v1.2.7. With a CVSS score of 9.8 and network-based attack vector requiring no authentication or user interaction, this vulnerability poses severe risk to any exposed router on the network.

Command Injection Netgear RCE Bl Wr9000 Firmware Bl F1200 At1 Firmware +6
NVD GitHub
CVSS 3.1
9.8
EPSS
3.0%
CVE-2025-45984 CRITICAL POC Act Now

A command injection vulnerability (CVSS 9.8). Risk factors: public PoC available.

Command Injection RCE Netgear Bl F1200 At1 Firmware Bl Ac1900 Firmware +7
NVD GitHub
CVSS 3.1
9.8
EPSS
3.0%
CVE-2025-5934 HIGH POC This Week

A critical stack-based buffer overflow vulnerability (CVE-2025-5934) exists in Netgear EX3700 wireless extenders up to version 1.0.0.88, affecting the sub_41619C function in the /mtd file. An authenticated attacker can remotely exploit this vulnerability to achieve complete system compromise including confidentiality, integrity, and availability breaches. Public exploit code is available, and while the affected product line is no longer supported by Netgear, immediate patching to version 1.0.0.98 is critical for active deployments.

Buffer Overflow Netgear Ex3700 Firmware RCE
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-5495 HIGH POC This Week

Critical authentication bypass vulnerability in Netgear WNR614 version 1.1.0.28_1.0.1WW that allows unauthenticated remote attackers to access sensitive configuration files through null-byte injection in the URL handler. The vulnerability affects the %00currentsetting.htm endpoint, enabling attackers to retrieve or modify device settings without credentials. This 0day has been publicly disclosed with proof-of-concept code available, and CVSS 7.3 reflects moderate confidentiality, integrity, and availability impact across network-accessible administration functions.

Authentication Bypass Netgear Path Traversal Wnr614 Firmware
NVD GitHub VulDB
CVSS 3.1
7.3
EPSS
0.4%
CVE-2025-4980 MEDIUM POC This Week

A vulnerability has been found in Netgear DGND3700 1.1.00.15_1.00.15NA and classified as problematic. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Information Disclosure Dgnd3700 Firmware
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-4978 CRITICAL POC Act Now

A vulnerability, which was classified as very critical, was found in Netgear DGND3700 1.1.00.15_1.00.15NA. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Authentication Bypass Dgnd3700 Firmware
NVD GitHub VulDB
CVSS 4.0
9.3
EPSS
1.5%
CVE-2025-4977 MEDIUM POC This Week

A vulnerability, which was classified as problematic, has been found in Netgear DGND3700 1.1.00.15_1.00.15NA. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Information Disclosure Dgnd3700 Firmware
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-45492 CRITICAL POC Act Now

Netgear EX8000 V1.0.0.126 is vulnerable to Command Injection via the Iface parameter in the action_wireless function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection Ex8000 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
5.4%
CVE-2024-57235 CRITICAL POC Act Now

NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_enable function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection Rax50 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
7.2%
CVE-2024-57234 CRITICAL POC Act Now

NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection Rax50 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
7.2%
CVE-2024-57233 CRITICAL POC Act Now

NETGEAR RAX5 (AX1600 WiFi Router) v1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection Rax50 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
7.2%
CVE-2024-57232 CRITICAL POC Act Now

NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection Rax50 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
7.2%
CVE-2024-57231 CRITICAL POC Act Now

NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection Rax50 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
7.2%
CVE-2024-57230 CRITICAL POC Act Now

NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection Rax50 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
7.2%
CVE-2024-57229 CRITICAL POC Act Now

NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection Rax50 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
7.2%
CVE-2025-4150 HIGH POC This Week

A vulnerability was found in Netgear EX6200 1.0.3.94. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Buffer Overflow Ex6200 Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.5%
CVE-2025-4149 HIGH POC This Week

A vulnerability was found in Netgear EX6200 1.0.3.94. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Buffer Overflow Ex6200 Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.5%
CVE-2025-4148 HIGH POC This Week

A vulnerability was found in Netgear EX6200 1.0.3.94 and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Buffer Overflow Ex6200 Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.5%
CVE-2025-4147 HIGH POC This Week

A vulnerability has been found in Netgear EX6200 1.0.3.94 and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Buffer Overflow Ex6200 Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.2%
CVE-2025-4146 HIGH POC This Week

A vulnerability, which was classified as critical, was found in Netgear EX6200 1.0.3.94. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Buffer Overflow Ex6200 Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.2%
CVE-2025-4145 HIGH POC This Week

A vulnerability, which was classified as critical, has been found in Netgear EX6200 1.0.3.94. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Buffer Overflow Ex6200 Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.2%
CVE-2025-4142 HIGH POC This Week

A vulnerability has been found in Netgear EX6200 1.0.3.94 and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Buffer Overflow Ex6200 Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.2%
CVE-2025-4141 HIGH POC This Week

A vulnerability, which was classified as critical, was found in Netgear EX6200 1.0.3.94. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Buffer Overflow Ex6200 Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.2%
CVE-2025-4140 HIGH POC This Week

A vulnerability, which was classified as critical, has been found in Netgear EX6120 1.0.3.94. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Buffer Overflow Ex6120 Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.2%
CVE-2025-4139 HIGH This Week

A vulnerability classified as critical was found in Netgear EX6120 1.0.0.68. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Buffer Overflow Ex6120 Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.1%
CVE-2025-4135 MEDIUM This Month

A vulnerability was found in Netgear WG302v2 up to 5.2.9 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Command Injection Wg302V2 Firmware
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
1.2%
CVE-2025-4122 MEDIUM This Month

A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Command Injection Jwnr2000V2 Firmware
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
1.8%
CVE-2025-4121 MEDIUM This Month

A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Command Injection Jwnr2000V2 Firmware
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
1.8%
CVE-2025-4120 HIGH This Week

A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Buffer Overflow Jwnr2000V2 Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.2%
CVE-2025-4117 MEDIUM This Month

A vulnerability, which was classified as critical, was found in Netgear JWNR2000v2 1.0.0.11. Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity. No vendor patch available.

Netgear Buffer Overflow Jwnr2000 Firmware
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.4%
CVE-2025-4116 HIGH This Week

A vulnerability, which was classified as critical, has been found in Netgear JWNR2000v2 1.0.0.11. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Buffer Overflow Jwnr2000 Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.7%
CVE-2025-4115 HIGH This Week

A vulnerability classified as critical was found in Netgear JWNR2000v2 1.0.0.11. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Buffer Overflow Jwnr2000 Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.7%
CVE-2025-4114 HIGH This Week

A vulnerability classified as critical has been found in Netgear JWNR2000v2 1.0.0.11. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Buffer Overflow Jwnr2000 Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.7%
CVE-2025-29044 CRITICAL POC Act Now

Buffer Overflow vulnerability in Netgear- R61 router V1.0.1.28 allows a remote attacker to execute arbitrary code via the QUERY_STRING key value. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Buffer Overflow RCE R6100 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.8%
CVE-2024-54809 CRITICAL POC Act Now

Netgear Inc WNR854T 1.5.2 (North America) contains a stack-based buffer overflow vulnerability in the parse_st_header function due to use of a request header parameter in a strncpy where size is. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Buffer Overflow Stack Overflow Wnr854T Firmware
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2024-54808 CRITICAL POC Act Now

Netgear WNR854T 1.5.2 (North America) contains a stack-based buffer overflow vulnerability in the SetDefaultConnectionService function due to an unconstrained use of sscanf. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Buffer Overflow RCE Stack Overflow Wnr854T Firmware
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-54807 CRITICAL POC Act Now

In Netgear WNR854T 1.5.2 (North America), the UPNP service is vulnerable to command injection in the function addmap_exec which parses the NewInternalClient parameter of the AddPortMapping SOAPAction. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Netgear Command Injection Code Injection Wnr854T Firmware
NVD
CVSS 3.1
9.8
EPSS
5.7%
CVE-2024-54806 CRITICAL POC Act Now

Netgear WNR854T 1.5.2 (North America) is vulnerable to Arbitrary command execution in cmd.cgi which allows for the execution of system commands via the web interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Netgear Code Injection Wnr854T Firmware
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2024-54805 CRITICAL POC Act Now

Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Netgear Command Injection Code Injection Wnr854T Firmware
NVD
CVSS 3.1
9.8
EPSS
4.3%
CVE-2024-54804 CRITICAL POC THREAT Emergency

Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 10.2%.

RCE Netgear Command Injection Code Injection Wnr854T Firmware
NVD
CVSS 3.1
9.8
EPSS
10.2%
CVE-2024-54803 CRITICAL POC THREAT Emergency

Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 10.2%.

RCE Netgear Command Injection Code Injection Wnr854T Firmware
NVD
CVSS 3.1
9.8
EPSS
10.2%
CVE-2024-54802 CRITICAL POC Act Now

In Netgear WNR854T 1.5.2 (North America), the UPNP service (/usr/sbin/upnp) is vulnerable to stack-based buffer overflow in the M-SEARCH Host header. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection Buffer Overflow Wnr854T Firmware
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2025-28219 CRITICAL Act Now

Netgear DC112A V1.0.0.64 has an OS command injection vulnerability in the usb_adv.cgi, which allows remote attackers to execute arbitrary commands via parameter "deviceName" passed to the binary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Dc112A Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.7%
CVE-2022-41545 MEDIUM This Month

The administrative web interface of a Netgear C7800 Router running firmware version 6.01.07 (and possibly others) authenticates users via basic authentication, with an HTTP header containing a base64. Rated medium severity (CVSS 6.4). No vendor patch available.

Netgear Information Disclosure C7800 Firmware
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2024-57046 HIGH POC THREAT Act Now

Netgear DGN2200 router firmware v1.0.0.46 and earlier contains an authentication bypass. By appending ?x=1.gif to any URL, the router's authentication check is fooled into treating the request as an image file, granting unauthenticated access to all management functions including configuration and firmware management.

Netgear Authentication Bypass Dgn2200 Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
62.4%
Threat
5.1
CVE-2025-25246 HIGH This Week

NETGEAR XR1000 before 1.0.0.74, XR1000v2 before 1.1.0.22, and XR500 before 2.3.2.134 allow remote code execution by unauthenticated users. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Netgear Code Injection
NVD
CVSS 3.1
8.1
EPSS
5.0%
CVE-2024-23690 HIGH This Week

The end-of-life Netgear FVS336Gv2 and FVS336Gv3 are affected by a command injection vulnerability in the Telnet interface. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Command Injection
NVD
CVSS 3.1
7.2
EPSS
0.7%
CVE-2024-12847 CRITICAL POC THREAT Emergency

NETGEAR DGN1000 routers with firmware before 1.1.00.48 contain an unauthenticated remote command execution vulnerability via the setup.cgi endpoint. The vulnerability has been exploited in the wild since at least 2017, notably by the Mirai-derived Reaper/IoTroop botnet for large-scale DDoS operations.

Command Injection Netgear Authentication Bypass Dgn1000 Firmware
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
71.3%
Threat
5.6
CVE-2024-12988 MEDIUM POC This Month

A vulnerability has been found in Netgear R6900P and R7000P 1.3.3.154 and classified as critical. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Netgear R6900P Firmware R7000P Firmware
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.8%
CVE-2024-12147 HIGH This Week

A vulnerability was found in Netgear R6900 1.0.1.26_1.0.20. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Netgear
NVD GitHub VulDB
CVSS 4.0
7.1
EPSS
0.8%
CVE-2024-52030 MEDIUM This Month

Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptp_user_netmask parameter at ru_wan_flow.cgi. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Netgear R7000P Firmware
NVD GitHub
CVSS 3.1
5.7
EPSS
0.3%
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

A security flaw was discovered in the NETGEAR WAX333 Access Point that could allow someone already logged in and connected to the local network to make unauthorized changes to the device's settings

Authentication Bypass Netgear Wax333
NVD
EPSS 0% CVSS 6.3
MEDIUM Monitor

A security flaw was discovered in the NETGEAR DGND3700v1 that could allow someone on the same local WiFi network to send unauthorized commands to the device. This issue was identified through testing in a controlled research environment using a simulated version of the router's software and has not been confirmed on physical production devices.

Authentication Bypass Netgear Dgnd3700V1
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

A security flaw was found in certain NETGEAR RAX models that could allow a logged-in user to send specially crafted requests to the router and run unauthorized commands. This could enable the user to make unauthorized changes to the router and affect its security and operation.

Authentication Bypass Netgear Raxe450 +1
NVD
EPSS 0% CVSS 5.7
MEDIUM PATCH This Month

Stack-based buffer overflow in multiple NETGEAR Orbi mesh WiFi models (RBR860, RBRE950/960, RBE970/971, RBS860, RBSE950/960) enables an unauthenticated adjacent-network attacker to crash or force a restart of the affected device, causing a loss of network connectivity. The root cause is CWE-121 (stack-based buffer overflow), meaning a crafted network payload can overwrite stack memory and destabilize the device process. The CVSS 4.0 supplemental metric E:P indicates a proof-of-concept exploit exists, elevating practical risk despite the moderate base score of 5.7.

Buffer Overflow Stack Overflow Netgear +8
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

A security flaw in the router's certificate validation process was discovered in the NETGEAR XR1000 Gaming Router and certain Nighthawk models that could allow an unauthorized person to remotely access and take control of the device.

Authentication Bypass Netgear Mr70 +3
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

Post-authentication command execution in NETGEAR Nighthawk RAX-series routers (RAX43, RAX45, RAX50, RAX54S, RAX54Sv2) permits an attacker already holding administrative credentials and adjacent network access to run unauthorized OS-level commands or code on the device. Rooted in CWE-20 (Improper Input Validation), the flaw bypasses authorization controls within the authenticated management session, yielding high integrity impact on the vulnerable system. No public exploit identified at time of analysis, though the CVSS 4.0 supplemental metric E:P indicates proof-of-concept code exists; a vendor-released patch is available from NETGEAR.

Authentication Bypass Netgear Rax43 +4
NVD
EPSS 0% CVSS 4.6
MEDIUM PATCH This Month

TLS certificate validation failure in the ReadyCloud client app on multiple NETGEAR router models exposes confidential data to network interception. The app does not properly validate TLS certificates (CWE-325), enabling a network-positioned attacker to perform man-in-the-middle (MiTM) attacks against ReadyCloud communications. Affected models include the RAX35, RAX38, RAX40, RAX120v1, and RAX120v2 running firmware below the patched versions; no public exploit code exists and no active exploitation has been confirmed.

Information Disclosure Netgear Rax120V1 +4
NVD VulDB
EPSS 0% CVSS 5.6
MEDIUM PATCH This Month

Insufficient authentication (CWE-306) and input validation weaknesses across more than 25 NETGEAR router and mesh system models allow an adjacent-network attacker with low-level privileges to execute arbitrary commands and read sensitive configuration data, or alter certain device settings. The CVSS 4.0 vector confirms the attack is limited to adjacent network segments (AV:A) and requires low privileges (PR:L), with high confidentiality impact on both the vulnerable component and subsequent systems (VC:H, SC:H). No public exploit has been identified at time of analysis, and NETGEAR has self-reported the issue with patches available for all listed product lines.

Authentication Bypass Netgear Lbr1020 +24
NVD VulDB
EPSS 0% CVSS 4.2
MEDIUM PATCH This Month

Information disclosure in NETGEAR Orbi satellite devices (RBR350, RBR760, RBS350, RBS760, RBE97x) allows a low-privileged user on the same network to obtain administrator access to the Orbi router. The flaw resides specifically in the satellite-to-router communication layer, as NETGEAR explicitly confirms Orbi systems deployed without satellites are unaffected. No public exploit exists (CVSS E:U) and CISA SSVC rates exploitation as none, but the high secondary impact scores (SC:H/SI:H/SA:H) reflect that successful exploitation yields full router compromise.

Information Disclosure Netgear Rbe97X +4
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Insufficient input validation across multiple NETGEAR Orbi mesh router models (RBR/RBS/RBE series) permits authenticated administrators on the local network to make unauthorized modifications to router software and functionality beyond their intended privilege scope. Affected are all firmware versions prior to V7.2.8.5 on most Orbi models and prior to V9.12.4.9 on the RBE97x series. No public exploit code exists and this vulnerability is not listed in the CISA KEV catalog; NETGEAR self-reported and has released patched firmware addressing the flaw.

Authentication Bypass Netgear Rbe97X +12
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Code injection in NETGEAR RBE97x routers (firmware prior to V9.12.4.9) enables authenticated administrators on the local network to make unauthorized modifications to router software and functionality beyond their sanctioned scope. The vulnerability stems from insufficient input validation (CWE-94), where administrator-supplied input is not properly sanitized before being processed, potentially allowing execution of injected code. No public exploit exists and CISA SSVC classifies exploitation status as 'none', making this a low-urgency but valid integrity risk for environments where shared or compromised admin accounts are a concern.

Code Injection Netgear RCE +1
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Stack-based buffer overflow in NETGEAR Orbi mesh router firmware (RBE, RBR, RBS series) enables authenticated administrators with local network access to submit malformed buffer input that bypasses validation and triggers unauthorized modification of router software and functionality. The attack surface is significantly constrained by the requirement for both administrative credentials (PR:H) and adjacent network positioning (AV:A), limiting realistic exposure to insider threats or scenarios where an attacker has already compromised admin credentials within the LAN. No public exploit identified at time of analysis, SSVC confirms exploitation status as none, and vendor-released patches are available across all affected model lines.

Netgear Stack Overflow Buffer Overflow +14
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Integrity tampering in NETGEAR router and mesh network firmware allows authenticated administrators on the local network to submit insufficiently validated input, modifying the router's configuration or internal state in unintended ways. Affected devices span at least 27 product lines including MR/MS mesh units and R-series routers, all running firmware below specific patched versions identified by NETGEAR (EUVD-2026-35460). No public exploit has been identified at time of analysis, SSVC assigns no active exploitation and non-automatable status, and NETGEAR has released patched firmware across all affected product lines.

Information Disclosure Netgear Mr60 +26
NVD VulDB
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Insufficient input validation across 30+ NETGEAR router, range extender, and mesh networking models enables local network-adjacent modification of router software and functionality. The CVSS 4.0 vector assigns PR:N (no privileges required) and AV:A (adjacent network), yet the CVE description scopes the vulnerability to 'authenticated administrators' - the 'Authentication Bypass' tag supplied by NETGEAR suggests the input validation flaw may itself circumvent authentication controls, reconciling this apparent conflict. Integrity impact is rated High (VI:H) against the vulnerable system, meaning successful exploitation allows unauthorized firmware or configuration modification. No public exploit is identified at time of analysis (E:U), and this CVE is not listed in the CISA KEV catalog.

Authentication Bypass Netgear Ex3700 +30
NVD
EPSS 0% CVSS 6.9
MEDIUM PATCH This Month

Remote code execution affects NETGEAR gaming routers (XR1000, MR70, MS70, RAXE500) when an attacker holds an on-path man-in-the-middle position between the device and the internet. The CVSS 4.0 vector (AV:N/AC:H/AT:P/PR:N/UI:N) confirms no privileges are needed on the target device but requires both high attack complexity and a specific network prerequisite - the ability to intercept and tamper with upstream traffic. No public exploit identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog.

Information Disclosure Netgear Mr70 +3
NVD VulDB
EPSS 0% CVSS 4.4
MEDIUM This Month

OS command injection in NETGEAR JR6150 firmware (all versions ≤ 1.0.1.26) allows locally authenticated or WiFi-connected users to execute arbitrary operating system commands via insufficient input validation (CWE-20). The device reached End-of-Support in 2018 and NETGEAR will not release a patch, leaving all deployments permanently unmitigated. No public exploit code exists and active exploitation has not been confirmed (not listed in CISA KEV), but the perpetual absence of patching makes device replacement the only durable remediation.

Information Disclosure Netgear Jr6150
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM This Month

Insufficient input validation in the NETGEAR JR6150 AC750 router (firmware ≤1.0.1.26) enables authenticated administrators on the local network to make unauthorized modifications to router software and functionality beyond their intended authorization scope. The device reached End-of-Support in 2018 and will receive no security patches. No public exploit code exists and no active exploitation has been identified; however, the device's permanent unpatched status makes risk acceptance or replacement the only long-term posture. The vulnerability was identified through firmware emulation and has not been verified on production hardware.

Authentication Bypass Netgear Jr6150
NVD VulDB
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

Remote command execution in NETGEAR Orbi 370 series routers (firmware before V12.1.2.7) is achievable by a network-positioned adversary who can intercept and tamper with traffic between the device and the internet. Exploitation requires the device administrator to perform specific management actions while the attacker holds a man-in-the-middle position, at which point a buffer overflow (CWE-119) is triggered allowing arbitrary command execution on the device. No public exploit exists at time of analysis and the vendor has released a patching firmware (V12.1.2.7); no KEV listing has been issued by CISA.

Netgear Buffer Overflow Orbi 370
NVD VulDB
EPSS 0% CVSS 7.5
HIGH This Week

End-of-service Netgear devices with TelnetEnable functionality can have telnet service remotely activated via specially crafted magic packets, enabling unauthenticated remote access to the device. An attacker on the network can exploit this to gain command-line access without credentials, potentially leading to device compromise and lateral movement. No patch is available for affected products.

Netgear
NVD
EPSS 0% CVSS 7.7
HIGH POC This Week

FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, does not properly validate TLS certificates when downloading update packages through its auto-update mechanism. [CVSS 7.7 HIGH]

Netgear TLS R6230 Firmware +9
NVD
EPSS 1% CVSS 7.7
HIGH POC This Week

FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, exposes an HTTP server over the LAN interface of affected devices. This interface is vulnerable to unauthenticated arbitrary command injection through the funjsq_access_token parameter. [CVSS 7.7 HIGH]

Netgear Command Injection R7000 Firmware +9
NVD
EPSS 0% CVSS 8.0
HIGH PATCH This Week

NETGEAR WiFi extenders (Ex5000, Ex6110, Ex2800, Ex3110) with improper path traversal validation allow authenticated LAN users to access the webproc configuration file and extract stored router credentials. An attacker with local network access can leverage this to obtain administrative credentials for further network compromise. A patch is available.

Netgear Path Traversal Ex5000 Firmware +3
NVD
EPSS 0% CVSS 8.0
HIGH PATCH This Week

NETGEAR WiFi extenders (Ex3110, Ex6110, Ex5000, Ex2800) contain an authentication bypass vulnerability that allows network-adjacent attackers with WiFi access or physical Ethernet connectivity to gain unauthorized admin panel access. An attacker can exploit insufficient authentication validation to fully compromise the device's confidentiality, integrity, and availability. A patch is available for affected firmware versions.

Netgear Ex3110 Firmware Ex6110 Firmware +2
NVD
EPSS 0% CVSS 8.0
HIGH PATCH This Week

NETGEAR XR1000v2 routers are vulnerable to OS command injection through inadequate input validation, enabling attackers with LAN access to execute arbitrary commands with elevated privileges. The vulnerability affects authenticated users on the local network and could allow complete router compromise including data interception and network manipulation. A patch is available.

Netgear Command Injection Xr1000v2 Firmware
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Unauthenticated administrative access in NETGEAR Orbi routers (CBR750, NBR750, RBE370, RBE371) allows local network attackers to bypass authentication and gain full admin control of the web interface. This high-severity vulnerability (CVSS 7.8) impacts all users on networks connected to affected devices, enabling attackers to modify router settings, potentially compromising network security and connected devices. A patch is available.

Netgear Authentication Bypass Rbs750 Firmware +24
NVD
EPSS 0% CVSS 8.0
HIGH PATCH This Week

Authenticated attackers on the same network can execute arbitrary OS commands on NETGEAR Orbi routers (RBS860, RBR850, RBSE950) through improper validation of DHCPv6 input. The vulnerability requires local or WiFi network access but no user interaction, giving attackers full system compromise capabilities on affected devices. A patch is available for this high-severity flaw.

Netgear Command Injection Rbs860 Firmware +11
NVD
EPSS 0% CVSS 8.0
HIGH PATCH This Week

NETGEAR Orbi routers (RBS850, RBE970, RBS750) are vulnerable to OS command injection through inadequate input validation, enabling attackers on the local network to execute arbitrary commands with elevated privileges. The vulnerability requires LAN access and low privileges but provides complete system compromise through high-impact code execution capabilities. A patch is available for affected firmware versions.

Netgear Command Injection Rbs850 Firmware +9
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Improper input validation in NETGEAR DGN2200v4 (N300 Wireless ADSL2+ Modem Router) allows attackers with direct network access to the device to potentially execute code on the device. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Netgear Dgn2200 Firmware
NVD
EPSS 0% CVSS 5.2
MEDIUM This Month

Improper certificate validation in firmware update logic in NETGEAR RAX30 (Nighthawk AX5 5-Stream AX2400 WiFi 6 Router) and RAXE300 (Nighthawk AXE7800 Tri-Band WiFi 6E Router) allows attackers with. Rated medium severity (CVSS 5.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Netgear Rax30 Firmware +1
NVD
EPSS 0% CVSS 4.8
MEDIUM Monitor

Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to. Rated medium severity (CVSS 4.8). No vendor patch available.

Information Disclosure Netgear R6260 Firmware +1
NVD
EPSS 0% CVSS 0.5
LOW Monitor

Login credentials are inadvertently recorded in logs if a Syslog Server is configured in NETGEAR WAX610 and WAX610Y (AX1800 Dual Band PoE Multi-Gig Insight Managed WiFi 6 Access Points). Rated low severity (CVSS 0.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Netgear Wax610Y Firmware +1
NVD
EPSS 48% 4.3 CVSS 6.9
MEDIUM POC THREAT This Month

A path traversal vulnerability exists in the Netgear SPH200D Skype phone firmware versions <= 1.0.4.80 in its embedded web server. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 47.8%.

Netgear Path Traversal
NVD Exploit-DB
EPSS 73% 5.4 CVSS 8.6
HIGH POC THREAT Act Now

An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN1000B model firmware versions 1.1.00.24 and 1.1.00.45) via the TimeToLive parameter in the setup.cgi. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 73.1%.

Netgear Command Injection Dgn1000B Firmware
NVD Exploit-DB
EPSS 61% 5.2 CVSS 9.4
CRITICAL POC THREAT Emergency

An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN2200B model) firmware versions 1.0.0.36 and prior via the pppoe.cgi endpoint. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 61.0%.

Netgear Command Injection Dgn2200B Firmware
NVD Exploit-DB
EPSS 1% CVSS 2.1
LOW POC Monitor

A vulnerability, which was classified as critical, was found in Netgear D6400 1.0.0.114. This affects an unknown part of the file diag.cgi. The manipulation of the argument host_name leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early and confirmed the existence of the vulnerability. They reacted very quickly, professional and kind. This vulnerability only affects products that are no longer supported by the maintainer.

Command Injection Netgear
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

CVE-2025-6565 is a critical stack-based buffer overflow vulnerability in Netgear WNCE3001 v1.0.0.50 affecting the HTTP POST request handler's Host parameter processing. An authenticated attacker can remotely exploit this to achieve complete system compromise including confidentiality, integrity, and availability violations. Public exploitation code exists, elevating immediate risk.

Buffer Overflow Netgear RCE
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL Act Now

CVE-2025-48890 is a critical OS command injection vulnerability in the miniigd SOAP service affecting WRH-733GBK and WRH-733GWH network storage devices. Remote unauthenticated attackers can execute arbitrary OS commands by sending specially crafted requests, achieving complete system compromise (CVSS 9.8). With an attack vector of Network/Low complexity/No privileges required, this vulnerability poses immediate risk to exposed devices.

Command Injection RCE IoT +1
NVD
EPSS 0% CVSS 8.8
HIGH POC This Week

CVE-2025-6511 is a critical stack-based buffer overflow vulnerability in Netgear EX6150 (version 1.0.0.46_1.0.76) affecting the sub_410090 function, allowing authenticated attackers to achieve remote code execution with high integrity, confidentiality, and availability impact. The vulnerability is publicly disclosed with proof-of-concept code available, and impacts only end-of-life products no longer receiving vendor support, elevating real-world exploitation risk for unpatched legacy deployments.

Buffer Overflow Netgear RCE +2
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

CVE-2025-6510 is a critical stack-based buffer overflow vulnerability in Netgear EX6100 WiFi extender (version 1.0.2.28_1.1.138) affecting the sub_415EF8 function. An authenticated remote attacker can exploit this vulnerability to achieve arbitrary code execution with high integrity and availability impact. The vulnerability has public exploit disclosure and affects only end-of-life products no longer receiving vendor support.

Buffer Overflow Netgear RCE +1
NVD GitHub VulDB
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

A critical unauthenticated remote command injection vulnerability exists in multiple Blink router models through the 'mac' parameter in the bs_SetMacBlack function, allowing attackers to execute arbitrary commands with full system privileges. Affected models include BL-WR9000 V2.4.9, BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5, BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0, BL-X26_AC8 v1.2.8, BLAC450M_AE4 v4.0.0, and BL-X26_DA3 v1.2.7. With a CVSS score of 9.8 and network-based attack vector requiring no authentication or user interaction, this vulnerability poses severe risk to any exposed router on the network.

Command Injection Netgear RCE +8
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

A command injection vulnerability (CVSS 9.8). Risk factors: public PoC available.

Command Injection RCE Netgear +9
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC This Week

A critical stack-based buffer overflow vulnerability (CVE-2025-5934) exists in Netgear EX3700 wireless extenders up to version 1.0.0.88, affecting the sub_41619C function in the /mtd file. An authenticated attacker can remotely exploit this vulnerability to achieve complete system compromise including confidentiality, integrity, and availability breaches. Public exploit code is available, and while the affected product line is no longer supported by Netgear, immediate patching to version 1.0.0.98 is critical for active deployments.

Buffer Overflow Netgear Ex3700 Firmware +1
NVD GitHub VulDB
EPSS 0% CVSS 7.3
HIGH POC This Week

Critical authentication bypass vulnerability in Netgear WNR614 version 1.1.0.28_1.0.1WW that allows unauthenticated remote attackers to access sensitive configuration files through null-byte injection in the URL handler. The vulnerability affects the %00currentsetting.htm endpoint, enabling attackers to retrieve or modify device settings without credentials. This 0day has been publicly disclosed with proof-of-concept code available, and CVSS 7.3 reflects moderate confidentiality, integrity, and availability impact across network-accessible administration functions.

Authentication Bypass Netgear Path Traversal +1
NVD GitHub VulDB
EPSS 0% CVSS 6.9
MEDIUM POC This Week

A vulnerability has been found in Netgear DGND3700 1.1.00.15_1.00.15NA and classified as problematic. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Information Disclosure Dgnd3700 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 9.3
CRITICAL POC Act Now

A vulnerability, which was classified as very critical, was found in Netgear DGND3700 1.1.00.15_1.00.15NA. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Authentication Bypass Dgnd3700 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 6.9
MEDIUM POC This Week

A vulnerability, which was classified as problematic, has been found in Netgear DGND3700 1.1.00.15_1.00.15NA. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Information Disclosure Dgnd3700 Firmware
NVD GitHub VulDB
EPSS 5% CVSS 9.8
CRITICAL POC Act Now

Netgear EX8000 V1.0.0.126 is vulnerable to Command Injection via the Iface parameter in the action_wireless function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection Ex8000 Firmware
NVD GitHub
EPSS 7% CVSS 9.8
CRITICAL POC Act Now

NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_enable function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection Rax50 Firmware
NVD GitHub
EPSS 7% CVSS 9.8
CRITICAL POC Act Now

NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection Rax50 Firmware
NVD GitHub
EPSS 7% CVSS 9.8
CRITICAL POC Act Now

NETGEAR RAX5 (AX1600 WiFi Router) v1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection Rax50 Firmware
NVD GitHub
EPSS 7% CVSS 9.8
CRITICAL POC Act Now

NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection Rax50 Firmware
NVD GitHub
EPSS 7% CVSS 9.8
CRITICAL POC Act Now

NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection Rax50 Firmware
NVD GitHub
EPSS 7% CVSS 9.8
CRITICAL POC Act Now

NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection Rax50 Firmware
NVD GitHub
EPSS 7% CVSS 9.8
CRITICAL POC Act Now

NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection Rax50 Firmware
NVD GitHub
EPSS 1% CVSS 8.7
HIGH POC This Week

A vulnerability was found in Netgear EX6200 1.0.3.94. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Buffer Overflow Ex6200 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH POC This Week

A vulnerability was found in Netgear EX6200 1.0.3.94. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Buffer Overflow Ex6200 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH POC This Week

A vulnerability was found in Netgear EX6200 1.0.3.94 and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Buffer Overflow Ex6200 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH POC This Week

A vulnerability has been found in Netgear EX6200 1.0.3.94 and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Buffer Overflow Ex6200 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH POC This Week

A vulnerability, which was classified as critical, was found in Netgear EX6200 1.0.3.94. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Buffer Overflow Ex6200 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH POC This Week

A vulnerability, which was classified as critical, has been found in Netgear EX6200 1.0.3.94. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Buffer Overflow Ex6200 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH POC This Week

A vulnerability has been found in Netgear EX6200 1.0.3.94 and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Buffer Overflow Ex6200 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH POC This Week

A vulnerability, which was classified as critical, was found in Netgear EX6200 1.0.3.94. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Buffer Overflow Ex6200 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH POC This Week

A vulnerability, which was classified as critical, has been found in Netgear EX6120 1.0.3.94. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Buffer Overflow Ex6120 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH This Week

A vulnerability classified as critical was found in Netgear EX6120 1.0.0.68. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Buffer Overflow Ex6120 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability was found in Netgear WG302v2 up to 5.2.9 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Command Injection Wg302V2 Firmware
NVD GitHub VulDB
EPSS 2% CVSS 5.3
MEDIUM This Month

A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Command Injection Jwnr2000V2 Firmware
NVD GitHub VulDB
EPSS 2% CVSS 5.3
MEDIUM This Month

A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Command Injection Jwnr2000V2 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH This Week

A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Buffer Overflow Jwnr2000V2 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 5.1
MEDIUM This Month

A vulnerability, which was classified as critical, was found in Netgear JWNR2000v2 1.0.0.11. Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity. No vendor patch available.

Netgear Buffer Overflow Jwnr2000 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH This Week

A vulnerability, which was classified as critical, has been found in Netgear JWNR2000v2 1.0.0.11. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Buffer Overflow Jwnr2000 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH This Week

A vulnerability classified as critical was found in Netgear JWNR2000v2 1.0.0.11. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Buffer Overflow Jwnr2000 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH This Week

A vulnerability classified as critical has been found in Netgear JWNR2000v2 1.0.0.11. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Buffer Overflow Jwnr2000 Firmware
NVD GitHub VulDB
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

Buffer Overflow vulnerability in Netgear- R61 router V1.0.1.28 allows a remote attacker to execute arbitrary code via the QUERY_STRING key value. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Buffer Overflow RCE +1
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Netgear Inc WNR854T 1.5.2 (North America) contains a stack-based buffer overflow vulnerability in the parse_st_header function due to use of a request header parameter in a strncpy where size is. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Buffer Overflow Stack Overflow +1
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Netgear WNR854T 1.5.2 (North America) contains a stack-based buffer overflow vulnerability in the SetDefaultConnectionService function due to an unconstrained use of sscanf. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Buffer Overflow RCE +2
NVD
EPSS 6% CVSS 9.8
CRITICAL POC Act Now

In Netgear WNR854T 1.5.2 (North America), the UPNP service is vulnerable to command injection in the function addmap_exec which parses the NewInternalClient parameter of the AddPortMapping SOAPAction. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Netgear Command Injection +2
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Netgear WNR854T 1.5.2 (North America) is vulnerable to Arbitrary command execution in cmd.cgi which allows for the execution of system commands via the web interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Netgear Code Injection +1
NVD
EPSS 4% CVSS 9.8
CRITICAL POC Act Now

Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Netgear Command Injection +2
NVD
EPSS 10% CVSS 9.8
CRITICAL POC THREAT Emergency

Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 10.2%.

RCE Netgear Command Injection +2
NVD
EPSS 10% CVSS 9.8
CRITICAL POC THREAT Emergency

Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 10.2%.

RCE Netgear Command Injection +2
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

In Netgear WNR854T 1.5.2 (North America), the UPNP service (/usr/sbin/upnp) is vulnerable to stack-based buffer overflow in the M-SEARCH Host header. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection Buffer Overflow +1
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Netgear DC112A V1.0.0.64 has an OS command injection vulnerability in the usb_adv.cgi, which allows remote attackers to execute arbitrary commands via parameter "deviceName" passed to the binary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Dc112A Firmware
NVD GitHub
EPSS 0% CVSS 6.4
MEDIUM This Month

The administrative web interface of a Netgear C7800 Router running firmware version 6.01.07 (and possibly others) authenticates users via basic authentication, with an HTTP header containing a base64. Rated medium severity (CVSS 6.4). No vendor patch available.

Netgear Information Disclosure C7800 Firmware
NVD
EPSS 62% 5.1 CVSS 8.8
HIGH POC THREAT Act Now

Netgear DGN2200 router firmware v1.0.0.46 and earlier contains an authentication bypass. By appending ?x=1.gif to any URL, the router's authentication check is fooled into treating the request as an image file, granting unauthenticated access to all management functions including configuration and firmware management.

Netgear Authentication Bypass Dgn2200 Firmware
NVD GitHub
EPSS 5% CVSS 8.1
HIGH This Week

NETGEAR XR1000 before 1.0.0.74, XR1000v2 before 1.1.0.22, and XR500 before 2.3.2.134 allow remote code execution by unauthenticated users. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Netgear Code Injection
NVD
EPSS 1% CVSS 7.2
HIGH This Week

The end-of-life Netgear FVS336Gv2 and FVS336Gv3 are affected by a command injection vulnerability in the Telnet interface. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Command Injection
NVD
EPSS 71% 5.6 CVSS 9.8
CRITICAL POC THREAT Emergency

NETGEAR DGN1000 routers with firmware before 1.1.00.48 contain an unauthenticated remote command execution vulnerability via the setup.cgi endpoint. The vulnerability has been exploited in the wild since at least 2017, notably by the Mirai-derived Reaper/IoTroop botnet for large-scale DDoS operations.

Command Injection Netgear Authentication Bypass +1
NVD Exploit-DB
EPSS 1% CVSS 6.9
MEDIUM POC This Month

A vulnerability has been found in Netgear R6900P and R7000P 1.3.3.154 and classified as critical. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Netgear R6900P Firmware +1
NVD GitHub VulDB
EPSS 1% CVSS 7.1
HIGH This Week

A vulnerability was found in Netgear R6900 1.0.1.26_1.0.20. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Netgear
NVD GitHub VulDB
EPSS 0% CVSS 5.7
MEDIUM This Month

Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptp_user_netmask parameter at ru_wan_flow.cgi. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Netgear +1
NVD GitHub
Page 1 of 9 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy