netgear

1,342 tracked vulnerabilities.

CVE-2024-51004 MEDIUM
Netgear R8500 v1.0.2.160 and R7000P v1.3.3.154 - Denial of Service via Stack Overflow in usb_device.cgi
Nov 05, 2024
CVSS 5.7
EPSS 0.00
CVE-2024-51003 MEDIUM
Netgear R8500/R7000P/R6400v2/XR300 Stack Overflow via apmode_dns1_pri/apmode_dns1_sec
Nov 05, 2024
CVSS 5.7
EPSS 0.00
CVE-2024-51002 MEDIUM
Netgear R8500/R7000P/XR300/R6400v2 Firmware - Stack Overflow via l2tp_user_ip Parameter
Nov 05, 2024
CVSS 5.7
EPSS 0.00
CVE-2024-51001 MEDIUM
Netgear R8500 Firmware 1.0.2.160 - Stack Overflow via sysDNSHost Parameter
Nov 05, 2024
CVSS 5.7
EPSS 0.00
CVE-2024-51000 MEDIUM
Netgear R8500 Firmware 1.0.2.160 - Denial of Service via wireless.cgi Parameter Overflow
Nov 05, 2024
CVSS 5.7
EPSS 0.00
CVE-2024-50999 MEDIUM
Netgear R8500 v1.0.2.160 - OS Command Injection via sysNewPasswd Parameter
Nov 05, 2024
CVSS 5.7
EPSS 0.01
CVE-2024-50998 MEDIUM
Netgear R8500 Firmware 1.0.2.160 - Stack Overflow via openvpn.cgi Parameters
Nov 05, 2024
CVSS 5.7
EPSS 0.00
CVE-2024-50997 MEDIUM
Netgear R8500/R7000P/R6400v2/XR300 DoS via pptp_user_ip Parameter
Nov 05, 2024
CVSS 5.7
EPSS 0.00
CVE-2024-50996 MEDIUM
Netgear R8500 R7000P R6400v2 XR300 - Denial of Service via bpa_server Parameter Overflow
Nov 05, 2024
CVSS 5.7
EPSS 0.00
CVE-2024-50995 MEDIUM
Netgear R8500 v1.0.2.160 - Stack Overflow via share_name Parameter
Nov 05, 2024
CVSS 5.7
EPSS 0.00
CVE-2024-50994 MEDIUM
Netgear R8500 v1.0.2.160 - Denial of Service via ipv6_fix.cgi Parameter Overflow
Nov 05, 2024
CVSS 5.7
EPSS 0.00
CVE-2024-50993 HIGH
Netgear R8500 v1.0.2.160 - OS Command Injection via sysNewPasswd Parameter
Nov 05, 2024
CVSS 8.0
EPSS 0.01
CVE-2024-35520 HIGH
Netgear R7000 1.0.11.136 - Command Injection via RMT_invite.cgi device_name2 Parameter
Oct 14, 2024
CVSS 8.4
EPSS 0.09
CVE-2024-35519 HIGH
Netgear EX3700 < 1.0.0.96, EX6100 < 1.0.2.28, EX6120 < 1.0.0.68 - OS Command Injection via ap_mode Parameter
Oct 14, 2024
CVSS 8.4
EPSS 0.01
CVE-2024-35518 HIGH
Netgear EX6120 < 1.0.0.68 - OS Command Injection via wan_dns1_pri Parameter
Oct 14, 2024
CVSS 8.4
EPSS 0.01
CVE-2024-35522 HIGH
Netgear EX3700 Firmware < 1.0.0.98 - Authenticated Command Injection via ap_mode Parameter
Oct 11, 2024
CVSS 8.4
EPSS 0.02
CVE-2024-35517 HIGH
Netgear XR1000 v1.0.0.64 - OS Command Injection via usb_remote_smb_conf.cgi share_name Parameter
Oct 11, 2024
CVSS 8.4
EPSS 0.14
CVE-2024-42756 HIGH
Netgear DGN1000WW 1.1.00.45 - Remote Code Execution via Diagnostics Page
Aug 23, 2024
CVSS 8.8
EPSS 0.14
CVE-2024-6814 HIGH
NETGEAR ProSAFE Network Management System - Authenticated SQL Injection via getFilterString
Aug 21, 2024
CVSS 8.8
EPSS 0.02
CVE-2024-6813 HIGH
NETGEAR ProSAFE Network Management System - Authenticated SQL Injection via getSortString
Aug 21, 2024
CVSS 8.8
EPSS 0.02
CVE-2024-7153 MEDIUM
Netgear WN604 <20240719 - Direct Request
Jul 27, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-6646 MEDIUM NUCLEI
Netgear WN604 <20240710 - Info Disclosure
Jul 10, 2024
CVSS 5.3
EPSS 0.46
CVE-2024-36792 HIGH
Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 - Privilege Escalation
Jun 07, 2024
CVSS 8.2
EPSS 0.00
CVE-2024-36790 HIGH
Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 - Cleartext Storage of Sensitive Information
Jun 07, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-36789 HIGH
Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 - Info Disclosure
Jun 07, 2024
CVSS 8.1
EPSS 0.00