Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Netgear Subscribe
Filtered by product R7000p Firmware
Total 126 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-51004 1 Netgear 4 R7000p, R7000p Firmware, R8500 and 1 more 2025-04-30 N/A 5.7 MEDIUM
Netgear R8500 v1.0.2.160 and R7000P v1.3.3.154 were discovered to multiple stack overflow vulnerabilities in the component usb_device.cgi via the cifs_user, read_access, and write_access parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51002 1 Netgear 8 R6400v2, R6400v2 Firmware, R7000p and 5 more 2025-04-30 N/A 5.7 MEDIUM
Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the l2tp_user_ip parameter at l2tp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2022-44200 1 Netgear 2 R7000p, R7000p Firmware 2025-04-29 N/A 9.8 CRITICAL
Netgear R7000P V1.3.0.8, V1.3.1.64 is vulnerable to Buffer Overflow via parameters: stamode_dns1_pri and stamode_dns1_sec.
CVE-2022-44199 1 Netgear 2 R7000p, R7000p Firmware 2025-04-29 N/A 9.8 CRITICAL
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter openvpn_server_ip.
CVE-2022-44198 1 Netgear 2 R7000p, R7000p Firmware 2025-04-29 N/A 9.8 CRITICAL
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter openvpn_push1.
CVE-2022-44197 1 Netgear 2 R7000p, R7000p Firmware 2025-04-29 N/A 9.8 CRITICAL
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter openvpn_server_ip.
CVE-2022-44196 1 Netgear 2 R7000p, R7000p Firmware 2025-04-29 N/A 9.8 CRITICAL
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter openvpn_push1.
CVE-2022-44194 1 Netgear 2 R7000p, R7000p Firmware 2025-04-29 N/A 9.8 CRITICAL
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameters apmode_dns1_pri and apmode_dns1_sec.
CVE-2022-44193 1 Netgear 2 R7000p, R7000p Firmware 2025-04-29 N/A 9.8 CRITICAL
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameters: starthour, startminute , endhour, and endminute.
CVE-2022-44191 1 Netgear 2 R7000p, R7000p Firmware 2025-04-29 N/A 9.8 CRITICAL
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameters KEY1 and KEY2.
CVE-2022-44190 1 Netgear 2 R7000p, R7000p Firmware 2025-04-29 N/A 9.8 CRITICAL
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter enable_band_steering.
CVE-2022-44188 1 Netgear 2 R7000p, R7000p Firmware 2025-04-29 N/A 9.8 CRITICAL
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter enable_band_steering.
CVE-2022-44187 1 Netgear 2 R7000p, R7000p Firmware 2025-04-29 N/A 9.8 CRITICAL
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via wan_dns1_pri.
CVE-2022-44186 1 Netgear 2 R7000p, R7000p Firmware 2025-04-29 N/A 9.8 CRITICAL
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_pri.
CVE-2022-44184 1 Netgear 2 R7000p, R7000p Firmware 2025-04-29 N/A 9.8 CRITICAL
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_sec.
CVE-2022-48196 1 Netgear 18 R6400v2, R6400v2 Firmware, R6700v3 and 15 more 2025-04-10 N/A 7.4 HIGH
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects RAX40 before 1.0.2.60, RAX35 before 1.0.2.60, R6400v2 before 1.0.4.122, R6700v3 before 1.0.4.122, R6900P before 1.3.3.152, R7000P before 1.3.3.152, R7000 before 1.0.11.136, R7960P before 1.4.4.94, and R8000P before 1.4.4.94.
CVE-2022-48176 1 Netgear 12 Mr60, Mr60 Firmware, Ms60 and 9 more 2025-03-28 N/A 7.8 HIGH
Netgear routers R7000P before v1.3.3.154, R6900P before v1.3.3.154, R7960P before v1.4.4.94, and R8000P before v1.4.4.94 were discovered to contain a pre-authentication stack overflow.
CVE-2022-48322 1 Netgear 12 Mr60, Mr60 Firmware, Ms60 and 9 more 2025-03-21 N/A 9.8 CRITICAL
NETGEAR Nighthawk WiFi Mesh systems and routers are affected by a stack-based buffer overflow vulnerability. This affects MR60 before 1.1.7.132, MS60 before 1.1.7.132, R6900P before 1.3.3.154, R7000P before 1.3.3.154, R7960P before 1.4.4.94, and R8000P before 1.4.4.94.
CVE-2023-36187 1 Netgear 30 Cbr40, Cbr40 Firmware, Lax20 and 27 more 2024-11-21 N/A 9.8 CRITICAL
Buffer Overflow vulnerability in NETGEAR R6400v2 before version 1.0.4.118, allows remote unauthenticated attackers to execute arbitrary code via crafted URL to httpd.
CVE-2022-27647 1 Netgear 66 Cax80, Cax80 Firmware, Lax20 and 63 more 2024-11-21 N/A 8.0 HIGH
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the name or email field provided to libreadycloud.so. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15874.