Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-120
Total 3990 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-52014 1 Netgear 8 R6400v2, R6400v2 Firmware, R7000p and 5 more 2026-06-17 N/A 5.7 MEDIUM
Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at genie_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-52013 1 Netgear 8 R6400v2, R6400v2 Firmware, R7000p and 5 more 2026-06-17 N/A 5.7 MEDIUM
Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at wiz_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51409 1 Tenda 2 O3, O3 Firmware 2026-06-17 N/A 6.5 MEDIUM
Buffer Overflow vulnerability in Tenda O3 v.1.0.0.5 allows a remote attacker to cause a denial of service via a network packet in a fixed format to a router running the corresponding version of the firmware.
CVE-2024-51139 1 Draytek 46 Vigor1000b, Vigor1000b Firmware, Vigor2133 and 43 more 2026-06-17 N/A 9.8 CRITICAL
Buffer Overflow vulnerability in Vigor2620/LTE200 3.9.8.9 and earlier and Vigor2860/2925 3.9.8 and earlier and Vigor2862/2926 3.9.9.5 and earlier and Vigor2133/2762/2832 3.9.9 and earlier and Vigor165/166 4.2.7 and earlier and Vigor2135/2765/2766 4.4.5.1 and earlier and Vigor2865/2866/2927 4.4.5.3 and earlier and Vigor2962/3910 4.3.2.8/4.4.3.1 and earlier and Vigor3912 4.3.6.1 and earlier allows a remote attacker to execute arbitrary code via the CGI parser's handling of the "Content-Length" header of HTTP POST requests.
CVE-2024-51116 1 Tenda 2 Ac6, Ac6 Firmware 2026-06-17 N/A 8.8 HIGH
Tenda AC6 v2.0 V15.03.06.50 was discovered to contain a buffer overflow in the function 'formSetPPTPServer'.
CVE-2024-51022 1 Netgear 2 Xr300, Xr300 Firmware 2026-06-17 N/A 5.7 MEDIUM
Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the ssid parameter in bridge_wireless_main.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51020 1 Netgear 2 R7000p, R7000p Firmware 2026-06-17 N/A 5.7 MEDIUM
Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the apn parameter at usbISP_detail_edit.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51019 1 Netgear 2 R7000p, R7000p Firmware 2026-06-17 N/A 5.7 MEDIUM
Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pppoe_localnetmask parameter at pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51018 1 Netgear 2 R7000p, R7000p Firmware 2026-06-17 N/A 5.7 MEDIUM
Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptp_user_netmask parameter at pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51017 1 Netgear 2 R7000p, R7000p Firmware 2026-06-17 N/A 5.7 MEDIUM
Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the l2tp_user_netmask parameter at l2tp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51016 1 Netgear 2 Xr300, Xr300 Firmware 2026-06-17 N/A 5.7 MEDIUM
Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the addName%d parameter in usb_approve.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51015 1 Netgear 2 R7000p, R7000p Firmware 2026-06-17 N/A 5.7 MEDIUM
Netgear R7000P v1.3.3.154 was discovered to contain a command injection vulnerability via the device_name2 parameter at operation_mode.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.
CVE-2024-51014 1 Netgear 2 Xr300, Xr300 Firmware 2026-06-17 N/A 5.7 MEDIUM
Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the ssid_an parameter in bridge_wireless_main.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51013 1 Netgear 2 R7000p, R7000p Firmware 2026-06-17 N/A 5.7 MEDIUM
Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the RADIUSAddr%d_wla parameter at wireless.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51012 1 Netgear 2 R8500, R8500 Firmware 2026-06-17 N/A 5.7 MEDIUM
Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the ipv6_pri_dns parameter at ipv6_fix.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51011 1 Netgear 6 R6400v2, R6400v2 Firmware, R7000p and 3 more 2026-06-17 N/A 5.7 MEDIUM
Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51007 1 Netgear 2 Xr300, Xr300 Firmware 2026-06-17 N/A 5.7 MEDIUM
Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the passphrase parameter at wireless.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51006 1 Netgear 2 R8500, R8500 Firmware 2026-06-17 N/A 5.7 MEDIUM
Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the ipv6_static_ip parameter in the ipv6_tunnel function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51004 1 Netgear 4 R7000p, R7000p Firmware, R8500 and 1 more 2026-06-17 N/A 5.7 MEDIUM
Netgear R8500 v1.0.2.160 and R7000P v1.3.3.154 were discovered to multiple stack overflow vulnerabilities in the component usb_device.cgi via the cifs_user, read_access, and write_access parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51003 1 Netgear 8 R6400v2, R6400v2 Firmware, R7000p and 5 more 2026-06-17 N/A 5.7 MEDIUM
Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to multiple stack overflow vulnerabilities in the component ap_mode.cgi via the apmode_dns1_pri and apmode_dns1_sec parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request.