748
CVEs
142
Critical
316
High
8
KEV
170
PoC
361
Unpatched C/H
19.3%
Patch Rate
4.6%
Avg EPSS
Severity Breakdown
CRITICAL
142
HIGH
316
MEDIUM
283
LOW
7
Monthly CVE Trend
Affected Products (30)
Rbr850 Firmware
148
Rbs850 Firmware
146
Rbk852 Firmware
142
Rbr750 Firmware
128
Rbs750 Firmware
127
Rbk752 Firmware
120
R7000P Firmware
98
R9000 Firmware
93
R7800 Firmware
92
R8900 Firmware
90
D7800 Firmware
84
Xr500 Firmware
83
Xr700 Firmware
71
Rbk50 Firmware
70
R7000 Firmware
70
Rbr50 Firmware
69
Rax120 Firmware
69
Rbs50 Firmware
68
Rax80 Firmware
60
R8000 Firmware
59
Rax75 Firmware
57
Rbr20 Firmware
57
Rbs20 Firmware
56
R6900P Firmware
55
Rbk40 Firmware
55
Rbs40 Firmware
53
R6700 Firmware
53
Rbr40 Firmware
52
Rbk20 Firmware
51
Xr300 Firmware
51
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2016-1555 | (1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear WN604 before 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available. | CRITICAL | 9.8 | 94.3% | 228 |
KEV
PoC
|
| CVE-2016-10174 | The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL /apply.cgi?/lang_check.html. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available. | CRITICAL | 9.8 | 91.1% | 225 |
KEV
PoC
No patch
|
| CVE-2016-6277 | NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available. | HIGH | 8.8 | 94.3% | 223 |
KEV
PoC
|
| CVE-2017-6334 | dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the host_name field of an HTTP. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available. | HIGH | 8.8 | 89.2% | 218 |
KEV
PoC
No patch
|
| CVE-2017-6077 | ping.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ping_IPAddr field of an HTTP. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available. | CRITICAL | 9.8 | 86.1% | 205 |
KEV
PoC
No patch
|
| CVE-2017-5521 | An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Actively exploited in the wild (cisa kev) and public exploit code available. | HIGH | 8.1 | 93.8% | 204 |
KEV
PoC
No patch
|
| CVE-2016-5674 | __debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 89.4%. | CRITICAL | 9.8 | 89.4% | 173 |
PoC
No patch
|
| CVE-2013-2751 | Eval injection vulnerability in frontview/lib/np_handler.pl in the FrontView web interface in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to execute. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 83.5%. | CRITICAL | 10.0 | 83.5% | 168 |
PoC
|
| CVE-2016-1525 | Directory traversal vulnerability in data/config/image.do in NETGEAR Management System NMS300 1.5.0.11 and earlier allows remote authenticated users to read arbitrary files via a .. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 82.7%. | HIGH | 8.6 | 82.7% | 161 |
PoC
No patch
|
| CVE-2016-5675 | handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, NUUO Crystal 2.2.1 through 3.2.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 73.1%. | CRITICAL | 9.8 | 73.1% | 157 |
PoC
No patch
|
| CVE-2016-10176 | The NETGEAR WNR2000v5 router allows an administrator to perform sensitive actions by invoking the apply.cgi URL on the web server of the device. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 86.6%. | CRITICAL | 9.8 | 86.6% | 156 |
PoC
|
| CVE-2024-12847 | NETGEAR DGN1000 routers with firmware before 1.1.00.48 contain an unauthenticated remote command execution vulnerability via the setup.cgi endpoint. The vulnerability has been exploited in the wild since at least 2017, notably by the Mirai-derived Reaper/IoTroop botnet for large-scale DDoS operations. | CRITICAL | 9.8 | 71.3% | 155 |
PoC
No patch
|
| CVE-2013-10061 | An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN1000B model firmware versions 1.1.00.24 and 1.1.00.45) via the TimeToLive parameter in the setup.cgi. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 73.1%. | HIGH | 8.6 | 73.1% | 151 |
PoC
No patch
|
| CVE-2016-10175 | The NETGEAR WNR2000v5 router leaks its serial number when performing a request to the /BRS_netgear_success.html URI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 81.6%. | CRITICAL | 9.8 | 81.6% | 151 |
PoC
|
| CVE-2013-10060 | An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN2200B model) firmware versions 1.0.0.36 and prior via the pppoe.cgi endpoint. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 61.0%. | CRITICAL | 9.4 | 61.0% | 143 |
PoC
No patch
|