| Metric | Value |
|---|---|
| CVEs | 65 |
| Critical | 23 |
| High | 31 |
| KEV | 0 |
| PoC | 41 |
| Unpatched C/H | 48 |
| Patch Rate | 9.2% |
| Avg EPSS | 4.1% |

Severity Breakdown
| Severity | CVEs |
|---|---|
| CRITICAL | 23 |
| HIGH | 31 |
| MEDIUM | 9 |
| LOW | 2 |

Affected Products (30)
| Product | CVEs |
|---|---|
| Ex6200 Firmware | 8 |
| Wnr854T Firmware | 8 |
| Rax50 Firmware | 7 |
| Jwnr2000 Firmware | 4 |
| Dgnd3700 Firmware | 3 |
| R6260 Firmware | 3 |
| Rbr850 Firmware | 3 |
| Rbse960 Firmware | 3 |
| Rbs860 Firmware | 3 |
| Jwnr2000V2 Firmware | 3 |
| Rbs750 Firmware | 3 |
| Rbr750 Firmware | 3 |
| Rbr860 Firmware | 3 |
| Rbre960 Firmware | 3 |
| Rbs850 Firmware | 3 |
| Ex2800 Firmware | 2 |
| Rbe970 Firmware | 2 |
| Rbe971 Firmware | 2 |
| Dgn2200 Firmware | 2 |
| Bl X10 Ac8 Firmware | 2 |
| Rax120v2 Firmware | 2 |
| Rbr20 Firmware | 2 |
| Bl Ac2100 Az3 Firmware | 2 |
| Bl F1200 At1 Firmware | 2 |
| R8900 Firmware | 2 |
| Ex6120 Firmware | 2 |
| Ex6110 Firmware | 2 |
| Bl X26 Ac8 Firmware | 2 |
| R6230 Firmware | 2 |
| Bl Wr9000 Firmware | 2 |

Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2024-57046 | Netgear DGN2200 router firmware v1.0.0.46 and earlier contains an authentication bypass. By appending ?x=1.gif to any URL, the router's authentication check is fooled into treating the request as an image file, granting unauthenticated access to all management functions including configuration and firmware management. | HIGH | 8.8 | 62.4% | 126 | PoC, No patch |
| CVE-2024-54803 | Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 10.2%. | CRITICAL | 9.8 | 10.2% | 79 | PoC, No patch |
| CVE-2024-54804 | Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 10.2%. | CRITICAL | 9.8 | 10.2% | 79 | PoC, No patch |
| CVE-2024-57229 | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 7.2% | 76 | PoC, No patch |
| CVE-2024-57230 | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 7.2% | 76 | PoC, No patch |
| CVE-2024-57231 | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 7.2% | 76 | PoC, No patch |
| CVE-2024-57232 | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 7.2% | 76 | PoC, No patch |
| CVE-2024-57233 | NETGEAR RAX5 (AX1600 WiFi Router) v1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 7.2% | 76 | PoC, No patch |
| CVE-2024-57234 | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 7.2% | 76 | PoC, No patch |
| CVE-2024-57235 | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_enable function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 7.2% | 76 | PoC, No patch |
| CVE-2024-54807 | In Netgear WNR854T 1.5.2 (North America), the UPNP service is vulnerable to command injection in the function addmap_exec which parses the NewInternalClient parameter of the AddPortMapping SOAPAction. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 5.7% | 75 | PoC, No patch |
| CVE-2025-45492 | Netgear EX8000 V1.0.0.126 is vulnerable to Command Injection via the Iface parameter in the action_wireless function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 5.4% | 74 | PoC, No patch |
| CVE-2024-54805 | Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 4.3% | 73 | PoC, No patch |
| CVE-2025-45984 | A command injection vulnerability (CVSS 9.8). Risk factors: public PoC available. | CRITICAL | 9.8 | 3.0% | 72 | PoC, No patch |
| CVE-2025-45986 | A critical unauthenticated remote command injection vulnerability exists in multiple Blink router models through the 'mac' parameter in the bs_SetMacBlack function, allowing attackers to execute arbitrary commands with full system privileges. Affected models include BL-WR9000 V2.4.9, BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5, BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0, BL-X26_AC8 v1.2.8, BLAC450M_AE4 v4.0.0, and BL-X26_DA3 v1.2.7. With a CVSS score of 9.8 and network-based attack vector requiring no authentication or user interaction, this vulnerability poses severe risk to any exposed router on the network. | CRITICAL | 9.8 | 3.0% | 72 | PoC, No patch |