Skip to main content

R8900 Firmware

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2022-40620 HIGH POC This Week

FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, does not properly validate TLS certificates when downloading update packages through its auto-update mechanism. [CVSS 7.7 HIGH]

TLS Netgear R6230 Firmware R6260 Firmware R7000 Firmware +7
NVD
CVSS 3.1
7.7
EPSS
0.1%
CVE-2022-40619 HIGH POC This Week

FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, exposes an HTTP server over the LAN interface of affected devices. This interface is vulnerable to unauthenticated arbitrary command injection through the funjsq_access_token parameter. [CVSS 7.7 HIGH]

Command Injection Netgear R6230 Firmware R6260 Firmware R7000 Firmware +7
NVD
CVSS 3.1
7.7
EPSS
0.8%
CVE-2022-40620
EPSS 0% CVSS 7.7
HIGH POC This Week

FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, does not properly validate TLS certificates when downloading update packages through its auto-update mechanism. [CVSS 7.7 HIGH]

TLS Netgear R6230 Firmware +9
NVD
CVE-2022-40619
EPSS 1% CVSS 7.7
HIGH POC This Week

FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, exposes an HTTP server over the LAN interface of affected devices. This interface is vulnerable to unauthenticated arbitrary command injection through the funjsq_access_token parameter. [CVSS 7.7 HIGH]

Command Injection Netgear R6230 Firmware +9
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy