65
CVEs
23
Critical
31
High
0
KEV
41
PoC
48
Unpatched C/H
9.2%
Patch Rate
4.1%
Avg EPSS
Severity Breakdown
CRITICAL
23
HIGH
31
MEDIUM
10
LOW
1
Monthly CVE Trend
Affected Products (30)
Command Injection
27
Ex6200 Firmware
8
Wnr854T Firmware
8
Rax50 Firmware
7
Jwnr2000 Firmware
4
R6260 Firmware
3
Rbr850 Firmware
3
Rbse960 Firmware
3
Dgnd3700 Firmware
3
Rbs850 Firmware
3
Rbre960 Firmware
3
Rbs750 Firmware
3
Rbr860 Firmware
3
Rbr750 Firmware
3
Rbs860 Firmware
3
Jwnr2000V2 Firmware
3
Rax120 Firmware
2
Rbre950 Firmware
2
Ex3110 Firmware
2
Rbs840 Firmware
2
Rbe970 Firmware
2
Ex6110 Firmware
2
Ex5000 Firmware
2
Rbe971 Firmware
2
Ex2800 Firmware
2
Bl X26 Da3 Firmware
2
R9000 Firmware
2
Dgn2200 Firmware
2
Bl Wr9000 Firmware
2
Ex6120 Firmware
2
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2024-57046 | Netgear DGN2200 router firmware v1.0.0.46 and earlier contains an authentication bypass. By appending ?x=1.gif to any URL, the router's authentication check is fooled into treating the request as an image file, granting unauthenticated access to all management functions including configuration and firmware management. | HIGH | 8.8 | 62.4% | 126 |
PoC
No patch
|
| CVE-2024-54803 | Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 10.2%. | CRITICAL | 9.8 | 10.2% | 79 |
PoC
No patch
|
| CVE-2024-54804 | Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 10.2%. | CRITICAL | 9.8 | 10.2% | 79 |
PoC
No patch
|
| CVE-2024-57229 | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 7.2% | 76 |
PoC
No patch
|
| CVE-2024-57230 | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 7.2% | 76 |
PoC
No patch
|
| CVE-2024-57231 | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 7.2% | 76 |
PoC
No patch
|
| CVE-2024-57232 | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 7.2% | 76 |
PoC
No patch
|
| CVE-2024-57233 | NETGEAR RAX5 (AX1600 WiFi Router) v1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 7.2% | 76 |
PoC
No patch
|
| CVE-2024-57234 | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 7.2% | 76 |
PoC
No patch
|
| CVE-2024-57235 | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_enable function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 7.2% | 76 |
PoC
No patch
|
| CVE-2024-54807 | In Netgear WNR854T 1.5.2 (North America), the UPNP service is vulnerable to command injection in the function addmap_exec which parses the NewInternalClient parameter of the AddPortMapping SOAPAction. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 5.7% | 75 |
PoC
No patch
|
| CVE-2025-45492 | Netgear EX8000 V1.0.0.126 is vulnerable to Command Injection via the Iface parameter in the action_wireless function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 5.4% | 74 |
PoC
No patch
|
| CVE-2024-54805 | Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 4.3% | 73 |
PoC
No patch
|
| CVE-2025-45984 | A command injection vulnerability (CVSS 9.8). Risk factors: public PoC available. | CRITICAL | 9.8 | 3.0% | 72 |
PoC
No patch
|
| CVE-2025-45986 | A critical unauthenticated remote command injection vulnerability exists in multiple Blink router models through the 'mac' parameter in the bs_SetMacBlack function, allowing attackers to execute arbitrary commands with full system privileges. Affected models include BL-WR9000 V2.4.9, BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5, BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0, BL-X26_AC8 v1.2.8, BLAC450M_AE4 v4.0.0, and BL-X26_DA3 v1.2.7. With a CVSS score of 9.8 and network-based attack vector requiring no authentication or user interaction, this vulnerability poses severe risk to any exposed router on the network. | CRITICAL | 9.8 | 3.0% | 72 |
PoC
No patch
|