Filtered by vendor Netgear
Subscribe
Total
1232 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-27255 | 1 Netgear | 86 Br200, Br200 Firmware, Br500 and 83 more | 2024-11-21 | 8.3 HIGH | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the refresh_status.aspx endpoint. The issue results from a lack of authentication required to start a service on the server. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12360. | |||||
| CVE-2021-27254 | 1 Netgear | 86 Br200, Br200 Firmware, Br500 and 83 more | 2024-11-21 | 8.3 HIGH | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800. Authentication is not required to exploit this vulnerability. The specific flaw exists within the apply_save.cgi endpoint. This issue results from the use of hard-coded encryption key. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-12287. | |||||
| CVE-2021-27253 | 1 Netgear | 84 Br200, Br200 Firmware, Br500 and 81 more | 2024-11-21 | 8.3 HIGH | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_bind.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12303. | |||||
| CVE-2021-27252 | 1 Netgear | 84 Br200, Br200 Firmware, Br500 and 81 more | 2024-11-21 | 8.3 HIGH | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the vendor_specific DHCP opcode. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12216. | |||||
| CVE-2021-27251 | 1 Netgear | 84 Br200, Br200 Firmware, Br500 and 81 more | 2024-11-21 | 8.3 HIGH | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Authentication is not required to exploit this vulnerability The specific flaw exists within handling of firmware updates. The issue results from a fallback to a insecure protocol to deliver updates. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12308. | |||||
| CVE-2021-27239 | 1 Netgear | 70 D6220, D6220 Firmware, D6400 and 67 more | 2024-11-21 | 8.3 HIGH | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upnpd service, which listens on UDP port 1900 by default. A crafted MX header field in an SSDP message can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11851. | |||||
| CVE-2021-23147 | 1 Netgear | 2 R6700, R6700 Firmware | 2024-11-21 | 7.2 HIGH | 6.8 MEDIUM |
| Netgear Nighthawk R6700 version 1.0.4.120 does not have sufficient protections for the UART console. A malicious actor with physical access to the device is able to connect to the UART port via a serial connection and execute commands as the root user without authentication. | |||||
| CVE-2021-20175 | 1 Netgear | 2 R6700, R6700 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the SOAP interface. By default, all communication to/from the device's SOAP Interface (port 5000) is sent via HTTP, which causes potentially sensitive information (such as usernames and passwords) to be transmitted in cleartext | |||||
| CVE-2021-20174 | 1 Netgear | 2 R6700, R6700 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the web interface. By default, all communication to/from the device's web interface is sent via HTTP, which causes potentially sensitive information (such as usernames and passwords) to be transmitted in cleartext. | |||||
| CVE-2021-20173 | 1 Netgear | 2 R6700, R6700 Firmware | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Netgear Nighthawk R6700 version 1.0.4.120 contains a command injection vulnerability in update functionality of the device. By triggering a system update check via the SOAP interface, the device is susceptible to command injection via preconfigured values. | |||||
| CVE-2021-20172 | 1 Netgear | 1 Genie Installer | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| All known versions of the Netgear Genie Installer for macOS contain a local privilege escalation vulnerability. The installer of the macOS version of Netgear Genie handles certain files in an insecure way. A malicious actor who has local access to the endpoint on which the software is going to be installed may overwrite certain files to obtain privilege escalation to root. | |||||
| CVE-2021-20171 | 1 Netgear | 2 Rax43, Rax43 Firmware | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Netgear RAX43 version 1.0.3.96 stores sensitive information in plaintext. All usernames and passwords for the device's associated services are stored in plaintext on the device. For example, the admin password is stored in plaintext in the primary configuration file on the device. | |||||
| CVE-2021-20170 | 1 Netgear | 2 Rax43, Rax43 Firmware | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. It does not appear that normal users are intended to be able to manipulate configuration backups due to the fact that they are encrypted. This encryption is accomplished via a password-protected zip file with a hardcoded password (RAX50w!a4udk). By unzipping the configuration using this password, a user can reconfigure settings not intended to be manipulated, re-zip the configuration, and restore a backup causing these settings to be changed. | |||||
| CVE-2021-20169 | 1 Netgear | 2 Rax43, Rax43 Firmware | 2024-11-21 | 7.2 HIGH | 6.8 MEDIUM |
| Netgear RAX43 version 1.0.3.96 does not utilize secure communications to the web interface. By default, all communication to/from the device is sent via HTTP, which causes potentially sensitive information (such as usernames and passwords) to be transmitted in cleartext. | |||||
| CVE-2021-20168 | 1 Netgear | 2 Rax43, Rax43 Firmware | 2024-11-21 | 7.2 HIGH | 6.8 MEDIUM |
| Netgear RAX43 version 1.0.3.96 does not have sufficient protections to the UART interface. A malicious actor with physical access to the device is able to connect to the UART port via a serial connection, login with default credentials, and execute commands as the root user. These default credentials are admin:admin. | |||||
| CVE-2021-20167 | 1 Netgear | 2 Rax43, Rax43 Firmware | 2024-11-21 | 7.7 HIGH | 8.0 HIGH |
| Netgear RAX43 version 1.0.3.96 contains a command injection vulnerability. The readycloud cgi application is vulnerable to command injection in the name parameter. | |||||
| CVE-2021-20166 | 1 Netgear | 2 Rax43, Rax43 Firmware | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
| Netgear RAX43 version 1.0.3.96 contains a buffer overrun vulnerability. The URL parsing functionality in the cgi-bin endpoint of the router containers a buffer overrun issue that can redirection control flow of the applicaiton. | |||||
| CVE-2020-5641 | 1 Netgear | 2 Gs108ev3, Gs108ev3 Firmware | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Cross-site request forgery (CSRF) vulnerability in GS108Ev3 firmware version 2.06.10 and earlier allows remote attackers to hijack the authentication of administrators and the product's settings may be changed without the user's intention or consent via unspecified vectors. | |||||
| CVE-2020-5621 | 1 Netgear | 4 Gs716t, Gs716tv2 Firmware, Gs724t and 1 more | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| Cross-site request forgery (CSRF) vulnerability in NETGEAR switching hubs (GS716Tv2 Firmware version 5.4.2.30 and earlier, and GS724Tv3 Firmware version 5.4.2.30 and earlier) allow remote attackers to hijack the authentication of administrators and alter the settings of the device via unspecified vectors. | |||||
| CVE-2020-35842 | 1 Netgear | 28 D6200, D6200 Firmware, D7000 and 25 more | 2024-11-21 | 3.5 LOW | 6.9 MEDIUM |
| Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, JNR1010v2 before 1.1.0.62, JR6150 before 1.0.1.24, JWNR2010v5 before 1.1.0.62, R6020 before 1.0.0.42, R6050 before 1.0.1.24, R6080 before 1.0.0.42, R6120 before 1.0.0.66, R6220 before 1.1.0.100, R6260 before 1.1.0.76, WNR1000v4 before 1.1.0.62, WNR2020 before 1.1.0.62, and WNR2050 before 1.1.0.62. | |||||