Filtered by vendor Netgear
Subscriptions
Total
1248 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-44194 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-04-29 | 9.8 Critical |
| Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameters apmode_dns1_pri and apmode_dns1_sec. | ||||
| CVE-2022-44193 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-04-29 | 9.8 Critical |
| Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameters: starthour, startminute , endhour, and endminute. | ||||
| CVE-2022-44191 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-04-29 | 9.8 Critical |
| Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameters KEY1 and KEY2. | ||||
| CVE-2022-44190 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-04-29 | 9.8 Critical |
| Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter enable_band_steering. | ||||
| CVE-2022-44188 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-04-29 | 9.8 Critical |
| Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter enable_band_steering. | ||||
| CVE-2022-44187 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-04-29 | 9.8 Critical |
| Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via wan_dns1_pri. | ||||
| CVE-2022-44186 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-04-29 | 9.8 Critical |
| Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_pri. | ||||
| CVE-2022-44184 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-04-29 | 9.8 Critical |
| Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_sec. | ||||
| CVE-2024-54802 | 1 Netgear | 2 Wnr854t, Wnr854t Firmware | 2025-04-22 | 9.8 Critical |
| In Netgear WNR854T 1.5.2 (North America), the UPNP service (/usr/sbin/upnp) is vulnerable to stack-based buffer overflow in the M-SEARCH Host header. | ||||
| CVE-2024-54803 | 1 Netgear | 2 Wnr854t, Wnr854t Firmware | 2025-04-22 | 9.8 Critical |
| Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. An attacker can send a specially crafted request to post.cgi, updating the nvram parameter pppoe_peer_mac and forcing a reboot. This will result in command injection. | ||||
| CVE-2024-51006 | 1 Netgear | 2 R8500, R8500 Firmware | 2025-04-22 | 5.7 Medium |
| Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the ipv6_static_ip parameter in the ipv6_tunnel function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
| CVE-2024-51001 | 1 Netgear | 2 R8500, R8500 Firmware | 2025-04-22 | 5.7 Medium |
| Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the sysDNSHost parameter at ddns.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
| CVE-2024-51000 | 1 Netgear | 2 R8500, R8500 Firmware | 2025-04-22 | 5.7 Medium |
| Netgear R8500 v1.0.2.160 was discovered to contain multiple stack overflow vulnerabilities in the component wireless.cgi via the opmode, opmode_an, and opmode_an_2 parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
| CVE-2024-50999 | 1 Netgear | 2 R8500, R8500 Firmware | 2025-04-22 | 5.7 Medium |
| Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sysNewPasswd parameter at password.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. | ||||
| CVE-2024-50998 | 1 Netgear | 2 R8500, R8500 Firmware | 2025-04-22 | 5.7 Medium |
| Netgear R8500 v1.0.2.160 was discovered to contain multiple stack overflow vulnerabilities in the component openvpn.cgi via the openvpn_service_port and openvpn_service_port_tun parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
| CVE-2024-50995 | 1 Netgear | 2 R8500, R8500 Firmware | 2025-04-22 | 5.7 Medium |
| Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the share_name parameter at usb_remote_smb_conf.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
| CVE-2024-50994 | 1 Netgear | 2 R8500, R8500 Firmware | 2025-04-22 | 5.7 Medium |
| Netgear R8500 v1.0.2.160 was discovered to contain multiple stack overflow vulnerabilities in the component ipv6_fix.cgi via the ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length, and ipv6_lan_length parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
| CVE-2024-50993 | 1 Netgear | 2 R8500, R8500 Firmware | 2025-04-22 | 8 High |
| Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sysNewPasswd parameter at admin_account.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. | ||||
| CVE-2025-29044 | 1 Netgear | 2 R6100, R6100 Firmware | 2025-04-21 | 9.8 Critical |
| Buffer Overflow vulnerability in Netgear- R61 router V1.0.1.28 allows a remote attacker to execute arbitrary code via the QUERY_STRING key value | ||||
| CVE-2017-6862 | 1 Netgear | 6 Wnr2000v3, Wnr2000v3 Firmware, Wnr2000v4 and 3 more | 2025-04-20 | 9.8 Critical |
| NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR ID is PSV-2016-0261. | ||||