Skip to main content

Netgear

748 CVEs vendor

Monthly

CVE-2023-36499 HIGH POC This Week

Netgear XR300 v1.0.3.78 was discovered to contain multiple buffer overflows via the wla_ssid and wlg_ssid parameters at genie_ap_wifi_change.cgi. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Netgear Xr300 Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2023-34563 CRITICAL POC THREAT Act Now

netgear R6250 Firmware Version 1.0.4.48 is vulnerable to Buffer Overflow after authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Netgear R6250 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
13.9%
CVE-2023-33533 HIGH POC This Week

Netgear D6220 with Firmware Version 1.0.0.80, D8500 with Firmware Version 1.0.3.60, R6700 with Firmware Version 1.0.2.26, and R6900 with Firmware Version 1.0.2.26 are vulnerable to Command Injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection D6220 Firmware D8500 Firmware R6700 Firmware +1
NVD GitHub
CVSS 3.1
8.8
EPSS
3.1%
CVE-2023-33532 CRITICAL POC THREAT Emergency

There is a command injection vulnerability in the Netgear R6250 router with Firmware Version 1.0.4.48. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 19.4%.

Command Injection Netgear R6250 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
19.4%
Threat
4.0
CVE-2023-2396 MEDIUM POC This Month

A vulnerability classified as problematic was found in Netgear SRX5308 up to 4.3.5-3. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.8%
CVE-2023-2395 MEDIUM POC This Month

A vulnerability classified as problematic has been found in Netgear SRX5308 up to 4.3.5-3. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.8%
CVE-2023-2394 MEDIUM POC This Month

A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.6%
CVE-2023-2393 MEDIUM POC This Month

A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.6%
CVE-2023-2392 MEDIUM POC This Month

A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.6%
CVE-2023-2391 MEDIUM POC This Month

A vulnerability was found in Netgear SRX5308 up to 4.3.5-3 and classified as problematic.cgi?page=time_zone.htm of the component Web Management Interface. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.6%
CVE-2023-2390 MEDIUM POC This Month

A vulnerability has been found in Netgear SRX5308 up to 4.3.5-3 and classified as problematic. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.7%
CVE-2023-2389 MEDIUM POC This Month

A vulnerability, which was classified as problematic, was found in Netgear SRX5308 up to 4.3.5-3. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.7%
CVE-2023-2388 MEDIUM POC This Month

A vulnerability, which was classified as problematic, has been found in Netgear SRX5308 up to 4.3.5-3. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.6%
CVE-2023-2387 MEDIUM POC This Month

A vulnerability classified as problematic was found in Netgear SRX5308 up to 4.3.5-3. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.6%
CVE-2023-2386 MEDIUM POC This Month

A vulnerability classified as problematic has been found in Netgear SRX5308 up to 4.3.5-3. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.6%
CVE-2023-2385 MEDIUM POC This Month

A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.6%
CVE-2023-2384 MEDIUM POC This Month

A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.6%
CVE-2023-2383 MEDIUM POC This Month

A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.7%
CVE-2023-2382 MEDIUM POC This Month

A vulnerability was found in Netgear SRX5308 up to 4.3.5-3 and classified as problematic. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.6%
CVE-2023-2381 MEDIUM POC This Month

A vulnerability has been found in Netgear SRX5308 up to 4.3.5-3 and classified as problematic. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.6%
CVE-2023-2380 MEDIUM POC This Month

A vulnerability, which was classified as problematic, was found in Netgear SRX5308 up to 4.3.5-3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Denial Of Service Srx5308 Firmware
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
1.3%
CVE-2023-30280 CRITICAL Act Now

Buffer Overflow vulnerability found in Netgear R6900 v.1.0.2.26, R6700v3 v.1.0.4.128, R6700 v.1.0.0.26 allows a remote attacker to execute arbitrary code and cause a denial ofservice via the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Netgear R6900 Firmware R6700 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-28338 HIGH This Week

Any request send to a Netgear Nighthawk Wifi6 Router (RAX30)'s web service containing a “Content-Type” of “multipartboundary=” will result in the request body being written to “/tmp/mulipartFile” on. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Denial Of Service Rax30 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-28337 HIGH This Week

When uploading a firmware image to a Netgear Nighthawk Wifi6 Router (RAX30), a hidden “forceFWUpdate” parameter may be provided to force the upgrade to complete and bypass certain validation checks. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear File Upload Rax30 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-1327 CRITICAL Act Now

Netgear RAX30 (AX2400), prior to version 1.0.6.74, was affected by an authentication bypass vulnerability, allowing an unauthenticated attacker to gain administrative access to the device's web. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Rax30 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-27853 CRITICAL Act Now

NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a format string vulnerability in a SOAP service that could allow an attacker to execute arbitrary code on the device. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Netgear Rax30 Firmware
NVD
CVSS 3.1
9.8
EPSS
19.7%
CVE-2023-27852 CRITICAL Act Now

NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a buffer overflow vulnerability in various CGI mechanisms that could allow an attacker to execute arbitrary code on the device. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Netgear Rax30 Firmware
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-27851 HIGH This Week

NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sharing mechanism that unintentionally allows users with upload permissions to execute arbitrary code on the device. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear RCE Rax30 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2023-27850 MEDIUM This Month

NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sharing mechanism that allows users with access to this feature to access arbitrary files on the device. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure Rax30 Firmware
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2023-1205 HIGH This Week

NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 is vulnerable to cross-site request forgery attacks on all endpoints due to improperly implemented CSRF protections. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear CSRF Rax30 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2023-0850 HIGH POC This Week

A vulnerability was found in Netgear WNDR3700v2 1.0.1.14 and classified as problematic. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Denial Of Service Wndr3700 Firmware
NVD VulDB
CVSS 3.1
7.5
EPSS
1.0%
CVE-2023-0849 CRITICAL Act Now

A vulnerability has been found in Netgear WNDR3700v2 1.0.1.14 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Wndr3700 Firmware
NVD VulDB
CVSS 3.1
9.8
EPSS
2.8%
CVE-2023-0848 HIGH This Week

A vulnerability was found in Netgear WNDR3700v2 1.0.1.14. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Denial Of Service Wndr3700 Firmware
NVD VulDB
CVSS 3.1
7.5
EPSS
0.9%
CVE-2023-23110 HIGH POC This Week

An exploitable firmware modification vulnerability was discovered in certain Netgear products. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Netgear Authentication Bypass Wnr612V2 Firmware Dgn1000V3 Firmware D6100 Firmware +6
NVD
CVSS 3.1
7.4
EPSS
0.6%
CVE-2022-48196 CRITICAL PATCH Act Now

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Netgear Buffer Overflow Rax40 Firmware Rax35 Firmware R6400V2 Firmware +6
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-46424 HIGH This Week

An exploitable firmware modification vulnerability was discovered on the Netgear XWN5001 Powerline 500 WiFi Access Point. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Denial Of Service Netgear Xwn5001 Firmware
NVD
CVSS 3.1
8.1
EPSS
0.8%
CVE-2022-46423 HIGH This Week

An exploitable firmware modification vulnerability was discovered on the Netgear WNR2000v1 router. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Denial Of Service Netgear Wnr2000 Firmware
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2022-46422 MEDIUM This Month

An issue in Netgear WNR2000 v1 1.2.3.7 and earlier allows authenticated attackers to cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Netgear Wnr2000 Firmware
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2022-4390 CRITICAL POC Act Now

A network misconfiguration is present in versions prior to 1.0.9.90 of the NETGEAR RAX30 AX2400 series of routers. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Netgear Ax2400 Firmware
NVD
CVSS 3.1
10.0
EPSS
0.9%
CVE-2022-44184 CRITICAL POC Act Now

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_sec. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Netgear Buffer Overflow R7000P Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-44200 CRITICAL POC Act Now

Netgear R7000P V1.3.0.8, V1.3.1.64 is vulnerable to Buffer Overflow via parameters: stamode_dns1_pri and stamode_dns1_sec. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Netgear Buffer Overflow R7000P Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-44199 CRITICAL POC Act Now

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter openvpn_server_ip. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Netgear Buffer Overflow R7000P Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-44198 CRITICAL POC Act Now

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter openvpn_push1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Netgear Buffer Overflow R7000P Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-44197 CRITICAL POC Act Now

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter openvpn_server_ip. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Netgear Buffer Overflow R7000P Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-44196 CRITICAL POC Act Now

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter openvpn_push1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Netgear Buffer Overflow R7000P Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-44194 CRITICAL POC Act Now

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameters apmode_dns1_pri and apmode_dns1_sec. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Netgear Buffer Overflow R7000P Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.4%
CVE-2022-44193 CRITICAL POC Act Now

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameters: starthour, startminute , endhour, and endminute. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Netgear Buffer Overflow R7000P Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-44191 CRITICAL POC Act Now

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameters KEY1 and KEY2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Netgear Buffer Overflow R7000P Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-44190 CRITICAL POC Act Now

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter enable_band_steering. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Netgear Buffer Overflow R7000P Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-44188 CRITICAL POC Act Now

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter enable_band_steering. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Netgear Buffer Overflow R7000P Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-44187 CRITICAL POC Act Now

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via wan_dns1_pri. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Netgear Buffer Overflow R7000P Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-44186 CRITICAL POC Act Now

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_pri. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Netgear Buffer Overflow R7000P Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-42221 HIGH POC This Week

Netgear R6220 v1.1.0.114_1.0.1 suffers from Incorrect Access Control, resulting in a command injection vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection R6220 Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
1.8%
CVE-2022-37235 CRITICAL Act Now

Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.134_10.2.119 is vulnerable to Buffer Overflow via the wl binary in firmware. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Netgear Buffer Overflow R7000 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37232 CRITICAL Act Now

Netgear N300 wireless router wnr2000v4-V1.0.0.70 is vulnerable to Buffer Overflow via uhttpd. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Netgear Buffer Overflow Wnr2000V4 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-31937 CRITICAL Act Now

Netgear N300 wireless router wnr2000v4-V1.0.0.70 was discovered to contain a stack overflow via strcpy in uhttpd. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Netgear Buffer Overflow Wnr2000V4 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37234 HIGH This Week

Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.134_10.2.119 is vulnerable to Buffer Overflow via the wl binary in firmware. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Netgear Buffer Overflow R7000 Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-38956 MEDIUM This Month

An exploitable firmware downgrade vulnerability was discovered on the Netgear WPN824EXT WiFi Range Extender. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Netgear Information Disclosure Wpn824Ext Firmware
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2022-38955 HIGH This Week

An exploitable firmware modification vulnerability was discovered on the Netgear WPN824EXT WiFi Range Extender. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Netgear Authentication Bypass Wpn824Ext Firmware
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2022-30079 HIGH POC THREAT Act Now

Command injection vulnerability was discovered in Netgear R6200 v2 firmware through R6200v2-V1.0.3.12 via binary /sbin/acos_service that could allow remote authenticated attackers the ability to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 24.4%.

Command Injection Netgear R6200
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
24.4%
Threat
4.0
CVE-2022-30078 HIGH POC This Week

NETGEAR R6200_V2 firmware versions through R6200v2-V1.0.3.12_10.1.11 and R6300_V2 firmware versions through R6300v2-V1.0.4.52_10.0.93 allow remote authenticated attackers to execute arbitrary command. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection R6200 Firmware R6300 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
1.8%
CVE-2022-31876 MEDIUM POC This Month

netgear wnap320 router WNAP320_V2.0.3_firmware is vulnerable to Incorrect Access Control via /recreate.php, which can leak all users cookies. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Netgear Information Disclosure Wnap320 Firmware
NVD GitHub
CVSS 3.1
5.3
EPSS
1.2%
CVE-2022-29383 CRITICAL POC THREAT Act Now

NETGEAR ProSafe SSL VPN firmware FVS336Gv2 and FVS336Gv3 was discovered to contain a SQL injection vulnerability via USERDBDomains.Domainname at cgi-bin/platform.cgi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear SQLi Ssl312 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
49.0%
CVE-2022-27947 HIGH POC This Week

NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands (such as telnetd) via shell metacharacters in the ipv6_fix.cgi ipv6_wan_ipaddr, ipv6_lan_ipaddr,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection R8500 Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
2.8%
CVE-2022-27946 HIGH POC This Week

NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands (such as telnetd) via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection R8500 Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
3.2%
CVE-2022-27945 HIGH POC This Week

NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands (such as telnetd) via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection R8500 Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
2.9%
CVE-2022-24655 HIGH POC This Week

A stack overflow vulnerability exists in the upnpd service in Netgear EX6100v1 201.0.2.28, CAX80 2.1.2.6, and DC112A 1.0.0.62, which may lead to the execution of arbitrary code without authentication. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption RCE Buffer Overflow Netgear Ex6100 Firmware +3
NVD GitHub
CVSS 3.1
7.8
EPSS
1.1%
CVE-2021-45732 HIGH This Week

Netgear Nighthawk R6700 version 1.0.4.120 makes use of a hardcoded credential. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Authentication Bypass R6700 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2021-45077 HIGH This Week

Netgear Nighthawk R6700 version 1.0.4.120 stores sensitive information in plaintext. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure R6700 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-23147 MEDIUM This Month

Netgear Nighthawk R6700 version 1.0.4.120 does not have sufficient protections for the UART console. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass R6700 Firmware
NVD
CVSS 3.1
6.8
EPSS
0.4%
CVE-2021-20175 HIGH This Week

Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the SOAP interface. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure R6700 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-20174 HIGH This Week

Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the web interface. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure R6700 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-20173 HIGH POC This Week

Netgear Nighthawk R6700 version 1.0.4.120 contains a command injection vulnerability in update functionality of the device. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection R6700 Firmware
NVD
CVSS 3.1
8.8
EPSS
3.2%
CVE-2021-20172 HIGH POC This Week

All known versions of the Netgear Genie Installer for macOS contain a local privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Netgear Apple Privilege Escalation Genie Installer
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-20171 MEDIUM This Month

Netgear RAX43 version 1.0.3.96 stores sensitive information in plaintext. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Netgear Information Disclosure Rax43 Firmware
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-20170 HIGH This Week

Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Rax43 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-20169 MEDIUM This Month

Netgear RAX43 version 1.0.3.96 does not utilize secure communications to the web interface. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure Rax43 Firmware
NVD
CVSS 3.1
6.8
EPSS
0.2%
CVE-2021-20168 MEDIUM This Month

Netgear RAX43 version 1.0.3.96 does not have sufficient protections to the UART interface. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Rax43 Firmware
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2021-20167 HIGH POC This Week

Netgear RAX43 version 1.0.3.96 contains a command injection vulnerability. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection Rax43 Firmware
NVD
CVSS 3.1
8.0
EPSS
8.5%
CVE-2021-20166 HIGH This Week

Netgear RAX43 version 1.0.3.96 contains a buffer overrun vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Rax43 Firmware
NVD
CVSS 3.1
8.8
EPSS
2.2%
CVE-2021-45679 HIGH This Week

Certain NETGEAR devices are affected by privilege escalation. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Privilege Escalation R6900P Firmware R7000 Firmware R7000P Firmware +1
NVD
CVSS 3.1
7.2
EPSS
1.0%
CVE-2021-45678 CRITICAL Act Now

NETGEAR RAX200 devices before 1.0.5.132 are affected by insecure code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure Rax200 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2021-45677 MEDIUM PATCH This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Netgear XSS Gs108T Firmware Gs110Tp Firmware
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2021-45676 MEDIUM PATCH This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Netgear XSS Rax200 Firmware Rax20 Firmware Rax80 Firmware +2
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2021-45675 MEDIUM PATCH This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Netgear XSS R6120 Firmware R6260 Firmware R6850 Firmware +12
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2021-45674 MEDIUM PATCH This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Netgear XSS R7000 Firmware R7900 Firmware R8000 Firmware +5
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2021-45673 MEDIUM PATCH This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Netgear XSS R7000 Firmware R7900 Firmware R8000 Firmware +5
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-45672 MEDIUM PATCH This Month

Certain NETGEAR devices are affected by Stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Netgear XSS D6200 Firmware D7000 Firmware R6020 Firmware +17
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2021-45671 MEDIUM PATCH This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Netgear XSS Rax200 Firmware Mr60 Firmware Rax20 Firmware +19
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2021-45670 MEDIUM PATCH This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Netgear XSS Rax200 Firmware Mr60 Firmware Rax20 Firmware +27
NVD
CVSS 3.1
4.8
EPSS
0.4%
EPSS 1% CVSS 8.8
HIGH POC This Week

Netgear XR300 v1.0.3.78 was discovered to contain multiple buffer overflows via the wla_ssid and wlg_ssid parameters at genie_ap_wifi_change.cgi. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Netgear Xr300 Firmware
NVD GitHub
EPSS 14% CVSS 9.8
CRITICAL POC THREAT Act Now

netgear R6250 Firmware Version 1.0.4.48 is vulnerable to Buffer Overflow after authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Netgear R6250 Firmware
NVD GitHub
EPSS 3% CVSS 8.8
HIGH POC This Week

Netgear D6220 with Firmware Version 1.0.0.80, D8500 with Firmware Version 1.0.3.60, R6700 with Firmware Version 1.0.2.26, and R6900 with Firmware Version 1.0.2.26 are vulnerable to Command Injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection D6220 Firmware +3
NVD GitHub
EPSS 19% 4.0 CVSS 9.8
CRITICAL POC THREAT Emergency

There is a command injection vulnerability in the Netgear R6250 router with Firmware Version 1.0.4.48. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 19.4%.

Command Injection Netgear R6250 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 6.1
MEDIUM POC This Month

A vulnerability classified as problematic was found in Netgear SRX5308 up to 4.3.5-3. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 6.1
MEDIUM POC This Month

A vulnerability classified as problematic has been found in Netgear SRX5308 up to 4.3.5-3. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 4.8
MEDIUM POC This Month

A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 4.8
MEDIUM POC This Month

A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 4.8
MEDIUM POC This Month

A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 4.8
MEDIUM POC This Month

A vulnerability was found in Netgear SRX5308 up to 4.3.5-3 and classified as problematic.cgi?page=time_zone.htm of the component Web Management Interface. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 4.8
MEDIUM POC This Month

A vulnerability has been found in Netgear SRX5308 up to 4.3.5-3 and classified as problematic. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 4.8
MEDIUM POC This Month

A vulnerability, which was classified as problematic, was found in Netgear SRX5308 up to 4.3.5-3. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 4.8
MEDIUM POC This Month

A vulnerability, which was classified as problematic, has been found in Netgear SRX5308 up to 4.3.5-3. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 4.8
MEDIUM POC This Month

A vulnerability classified as problematic was found in Netgear SRX5308 up to 4.3.5-3. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 4.8
MEDIUM POC This Month

A vulnerability classified as problematic has been found in Netgear SRX5308 up to 4.3.5-3. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 4.8
MEDIUM POC This Month

A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 4.8
MEDIUM POC This Month

A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 4.8
MEDIUM POC This Month

A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 4.8
MEDIUM POC This Month

A vulnerability was found in Netgear SRX5308 up to 4.3.5-3 and classified as problematic. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 4.8
MEDIUM POC This Month

A vulnerability has been found in Netgear SRX5308 up to 4.3.5-3 and classified as problematic. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear XSS Srx5308 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 6.5
MEDIUM POC This Month

A vulnerability, which was classified as problematic, was found in Netgear SRX5308 up to 4.3.5-3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Denial Of Service Srx5308 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

Buffer Overflow vulnerability found in Netgear R6900 v.1.0.2.26, R6700v3 v.1.0.4.128, R6700 v.1.0.0.26 allows a remote attacker to execute arbitrary code and cause a denial ofservice via the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Netgear +2
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

Any request send to a Netgear Nighthawk Wifi6 Router (RAX30)'s web service containing a “Content-Type” of “multipartboundary=” will result in the request body being written to “/tmp/mulipartFile” on. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Denial Of Service Rax30 Firmware
NVD
EPSS 1% CVSS 8.8
HIGH This Week

When uploading a firmware image to a Netgear Nighthawk Wifi6 Router (RAX30), a hidden “forceFWUpdate” parameter may be provided to force the upgrade to complete and bypass certain validation checks. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear File Upload Rax30 Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Netgear RAX30 (AX2400), prior to version 1.0.6.74, was affected by an authentication bypass vulnerability, allowing an unauthenticated attacker to gain administrative access to the device's web. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Rax30 Firmware
NVD GitHub
EPSS 20% CVSS 9.8
CRITICAL Act Now

NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a format string vulnerability in a SOAP service that could allow an attacker to execute arbitrary code on the device. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Netgear +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a buffer overflow vulnerability in various CGI mechanisms that could allow an attacker to execute arbitrary code on the device. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Netgear +1
NVD
EPSS 1% CVSS 8.8
HIGH This Week

NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sharing mechanism that unintentionally allows users with upload permissions to execute arbitrary code on the device. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear RCE Rax30 Firmware
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sharing mechanism that allows users with access to this feature to access arbitrary files on the device. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure Rax30 Firmware
NVD
EPSS 0% CVSS 8.8
HIGH This Week

NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 is vulnerable to cross-site request forgery attacks on all endpoints due to improperly implemented CSRF protections. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear CSRF Rax30 Firmware
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

A vulnerability was found in Netgear WNDR3700v2 1.0.1.14 and classified as problematic. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Denial Of Service Wndr3700 Firmware
NVD VulDB
EPSS 3% CVSS 9.8
CRITICAL Act Now

A vulnerability has been found in Netgear WNDR3700v2 1.0.1.14 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Wndr3700 Firmware
NVD VulDB
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability was found in Netgear WNDR3700v2 1.0.1.14. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Denial Of Service Wndr3700 Firmware
NVD VulDB
EPSS 1% CVSS 7.4
HIGH POC This Week

An exploitable firmware modification vulnerability was discovered in certain Netgear products. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Netgear Authentication Bypass Wnr612V2 Firmware +8
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Netgear Buffer Overflow Rax40 Firmware +8
NVD
EPSS 1% CVSS 8.1
HIGH This Week

An exploitable firmware modification vulnerability was discovered on the Netgear XWN5001 Powerline 500 WiFi Access Point. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Denial Of Service Netgear +1
NVD
EPSS 0% CVSS 8.1
HIGH This Week

An exploitable firmware modification vulnerability was discovered on the Netgear WNR2000v1 router. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Denial Of Service Netgear +1
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

An issue in Netgear WNR2000 v1 1.2.3.7 and earlier allows authenticated attackers to cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Netgear Wnr2000 Firmware
NVD
EPSS 1% CVSS 10.0
CRITICAL POC Act Now

A network misconfiguration is present in versions prior to 1.0.9.90 of the NETGEAR RAX30 AX2400 series of routers. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Netgear Ax2400 Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_sec. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Netgear Buffer Overflow +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Netgear R7000P V1.3.0.8, V1.3.1.64 is vulnerable to Buffer Overflow via parameters: stamode_dns1_pri and stamode_dns1_sec. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Netgear Buffer Overflow +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter openvpn_server_ip. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Netgear Buffer Overflow +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter openvpn_push1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Netgear Buffer Overflow +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter openvpn_server_ip. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Netgear Buffer Overflow +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter openvpn_push1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Netgear Buffer Overflow +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameters apmode_dns1_pri and apmode_dns1_sec. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Netgear Buffer Overflow +1
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameters: starthour, startminute , endhour, and endminute. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Netgear Buffer Overflow +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameters KEY1 and KEY2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Netgear Buffer Overflow +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter enable_band_steering. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Netgear Buffer Overflow +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter enable_band_steering. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Netgear Buffer Overflow +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via wan_dns1_pri. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Netgear Buffer Overflow +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_pri. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Netgear Buffer Overflow +1
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC This Week

Netgear R6220 v1.1.0.114_1.0.1 suffers from Incorrect Access Control, resulting in a command injection vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection R6220 Firmware
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.134_10.2.119 is vulnerable to Buffer Overflow via the wl binary in firmware. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Netgear Buffer Overflow +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

Netgear N300 wireless router wnr2000v4-V1.0.0.70 is vulnerable to Buffer Overflow via uhttpd. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Netgear Buffer Overflow +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

Netgear N300 wireless router wnr2000v4-V1.0.0.70 was discovered to contain a stack overflow via strcpy in uhttpd. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Netgear Buffer Overflow +1
NVD GitHub
EPSS 1% CVSS 7.8
HIGH This Week

Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.134_10.2.119 is vulnerable to Buffer Overflow via the wl binary in firmware. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Netgear Buffer Overflow +1
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM This Month

An exploitable firmware downgrade vulnerability was discovered on the Netgear WPN824EXT WiFi Range Extender. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Netgear Information Disclosure Wpn824Ext Firmware
NVD
EPSS 0% CVSS 7.5
HIGH This Week

An exploitable firmware modification vulnerability was discovered on the Netgear WPN824EXT WiFi Range Extender. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Netgear Authentication Bypass Wpn824Ext Firmware
NVD
EPSS 24% 4.0 CVSS 8.8
HIGH POC THREAT Act Now

Command injection vulnerability was discovered in Netgear R6200 v2 firmware through R6200v2-V1.0.3.12 via binary /sbin/acos_service that could allow remote authenticated attackers the ability to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 24.4%.

Command Injection Netgear R6200
NVD GitHub VulDB
EPSS 2% CVSS 8.8
HIGH POC This Week

NETGEAR R6200_V2 firmware versions through R6200v2-V1.0.3.12_10.1.11 and R6300_V2 firmware versions through R6300v2-V1.0.4.52_10.0.93 allow remote authenticated attackers to execute arbitrary command. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection R6200 Firmware +1
NVD GitHub VulDB
EPSS 1% CVSS 5.3
MEDIUM POC This Month

netgear wnap320 router WNAP320_V2.0.3_firmware is vulnerable to Incorrect Access Control via /recreate.php, which can leak all users cookies. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Netgear Information Disclosure +1
NVD GitHub
EPSS 49% CVSS 9.8
CRITICAL POC THREAT Act Now

NETGEAR ProSafe SSL VPN firmware FVS336Gv2 and FVS336Gv3 was discovered to contain a SQL injection vulnerability via USERDBDomains.Domainname at cgi-bin/platform.cgi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear SQLi Ssl312 Firmware
NVD GitHub
EPSS 3% CVSS 8.8
HIGH POC This Week

NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands (such as telnetd) via shell metacharacters in the ipv6_fix.cgi ipv6_wan_ipaddr, ipv6_lan_ipaddr,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection R8500 Firmware
NVD GitHub
EPSS 3% CVSS 8.8
HIGH POC This Week

NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands (such as telnetd) via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection R8500 Firmware
NVD GitHub
EPSS 3% CVSS 8.8
HIGH POC This Week

NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands (such as telnetd) via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection R8500 Firmware
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC This Week

A stack overflow vulnerability exists in the upnpd service in Netgear EX6100v1 201.0.2.28, CAX80 2.1.2.6, and DC112A 1.0.0.62, which may lead to the execution of arbitrary code without authentication. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption RCE Buffer Overflow +5
NVD GitHub
EPSS 1% CVSS 8.8
HIGH This Week

Netgear Nighthawk R6700 version 1.0.4.120 makes use of a hardcoded credential. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Authentication Bypass R6700 Firmware
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Netgear Nighthawk R6700 version 1.0.4.120 stores sensitive information in plaintext. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure R6700 Firmware
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Netgear Nighthawk R6700 version 1.0.4.120 does not have sufficient protections for the UART console. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass R6700 Firmware
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the SOAP interface. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure R6700 Firmware
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the web interface. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure R6700 Firmware
NVD
EPSS 3% CVSS 8.8
HIGH POC This Week

Netgear Nighthawk R6700 version 1.0.4.120 contains a command injection vulnerability in update functionality of the device. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection R6700 Firmware
NVD
EPSS 0% CVSS 7.8
HIGH POC This Week

All known versions of the Netgear Genie Installer for macOS contain a local privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Netgear Apple Privilege Escalation +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Netgear RAX43 version 1.0.3.96 stores sensitive information in plaintext. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Netgear Information Disclosure Rax43 Firmware
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Rax43 Firmware
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Netgear RAX43 version 1.0.3.96 does not utilize secure communications to the web interface. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure Rax43 Firmware
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Netgear RAX43 version 1.0.3.96 does not have sufficient protections to the UART interface. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Rax43 Firmware
NVD
EPSS 9% CVSS 8.0
HIGH POC This Week

Netgear RAX43 version 1.0.3.96 contains a command injection vulnerability. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection Rax43 Firmware
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Netgear RAX43 version 1.0.3.96 contains a buffer overrun vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Rax43 Firmware
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Certain NETGEAR devices are affected by privilege escalation. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Privilege Escalation R6900P Firmware +3
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

NETGEAR RAX200 devices before 1.0.5.132 are affected by insecure code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure Rax200 Firmware
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Netgear XSS Gs108T Firmware +1
NVD
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Netgear XSS Rax200 Firmware +4
NVD
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Netgear XSS R6120 Firmware +14
NVD
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Netgear XSS R7000 Firmware +7
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Netgear XSS R7000 Firmware +7
NVD
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

Certain NETGEAR devices are affected by Stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Netgear XSS D6200 Firmware +19
NVD
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Netgear XSS Rax200 Firmware +21
NVD
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Netgear XSS Rax200 Firmware +29
NVD
Prev Page 3 of 9 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy