Filtered by vendor Netgear
Subscriptions
Total
1300 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-10063 | 1 Netgear | 1 Sph200d | 2025-08-06 | N/A |
| A path traversal vulnerability exists in the Netgear SPH200D Skype phone firmware versions <= 1.0.4.80 in its embedded web server. Authenticated attackers can exploit crafted GET requests to access arbitrary files outside the web root by injecting traversal sequences. This can expose sensitive system files and configuration data. | ||||
| CVE-2013-10061 | 1 Netgear | 1 Dgn1000 | 2025-08-06 | N/A |
| An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN1000B model firmware versions 1.1.00.24 and 1.1.00.45) via the TimeToLive parameter in the setup.cgi endpoint. The vulnerability arises from improper input neutralization, enabling command injection through crafted POST requests. This flaw enables remote attackers to deploy payloads or manipulate system state post-authentication. | ||||
| CVE-2013-10060 | 1 Netgear | 1 Dgn2200b | 2025-08-06 | N/A |
| An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN2200B model) firmware versions 1.0.0.36 and prior via the pppoe.cgi endpoint. A remote attacker with valid credentials can execute arbitrary commands via crafted input to the pppoe_username parameter. This flaw allows full compromise of the device and may persist across reboots unless configuration is restored. | ||||
| CVE-2016-6277 | 1 Netgear | 22 D6220, D6220 Firmware, D6400 and 19 more | 2025-07-30 | 8.8 High |
| NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly other routers allow remote attackers to execute arbitrary commands via shell metacharacters in the path info to cgi-bin/. | ||||
| CVE-2017-5521 | 1 Netgear | 26 Ac1450, Ac1450 Firmware, D6220 and 23 more | 2025-07-30 | 8.1 High |
| An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices. They are prone to password disclosure via simple crafted requests to the web management server. The bug is exploitable remotely if the remote management option is set, and can also be exploited given access to the router over LAN or WLAN. When trying to access the web panel, a user is asked to authenticate; if the authentication is canceled and password recovery is not enabled, the user is redirected to a page that exposes a password recovery token. If a user supplies the correct token to the page /passwordrecovered.cgi?id=TOKEN (and password recovery is not enabled), they will receive the admin password for the router. If password recovery is set the exploit will fail, as it will ask the user for the recovery questions that were previously set when enabling that feature. This is persistent (even after disabling the recovery option, the exploit will fail) because the router will ask for the security questions. | ||||
| CVE-2016-10174 | 1 Netgear | 56 D6100, D6100 Firmware, D7000 and 53 more | 2025-07-30 | 9.8 Critical |
| The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL /apply.cgi?/lang_check.html. This buffer overflow can be exploited by an unauthenticated attacker to achieve remote code execution. | ||||
| CVE-2017-6077 | 1 Netgear | 2 Dgn2200, Dgn2200 Firmware | 2025-07-30 | 9.8 Critical |
| ping.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ping_IPAddr field of an HTTP POST request. | ||||
| CVE-2017-6334 | 1 Netgear | 5 Dgn2200 Series Firmware, Dgn2200v1, Dgn2200v2 and 2 more | 2025-07-30 | 8.8 High |
| dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the host_name field of an HTTP POST request, a different vulnerability than CVE-2017-6077. | ||||
| CVE-2016-1555 | 1 Netgear | 14 Wn604, Wn604 Firmware, Wn802tv2 and 11 more | 2025-07-30 | 9.8 Critical |
| (1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear WN604 before 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660 before 3.5.5.0 allow remote attackers to execute arbitrary commands. | ||||
| CVE-2017-6862 | 1 Netgear | 6 Wnr2000v3, Wnr2000v3 Firmware, Wnr2000v4 and 3 more | 2025-07-30 | 9.8 Critical |
| NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR ID is PSV-2016-0261. | ||||
| CVE-2020-26919 | 1 Netgear | 2 Jgs516pe, Jgs516pe Firmware | 2025-07-30 | 9.8 Critical |
| NETGEAR JGS516PE devices before 2.6.0.43 are affected by lack of access control at the function level. | ||||
| CVE-2023-50677 | 1 Netgear | 2 Dgnd4000, Dgnd4000 Firmware | 2025-07-28 | 8.8 High |
| An issue in NETGEAR-DGND4000 v.1.1.00.15_1.00.15 allows a remote attacker to escalate privileges via the next_file parameter to the /setup.cgi component. | ||||
| CVE-2025-44658 | 1 Netgear | 1 Rax30 | 2025-07-22 | 9.8 Critical |
| In Netgear RAX30 V1.0.10.94, a PHP-FPM misconfiguration vulnerability is caused by not following the specification to only limit FPM to .php extensions. An attacker may exploit this by uploading malicious scripts disguised with alternate extensions and tricking the web server into executing them as PHP, bypassing security mechanisms based on file extension filtering. This may lead to remote code execution (RCE), information disclosure, or full system compromise. | ||||
| CVE-2025-44650 | 1 Netgear | 2 Eax80, R7000 | 2025-07-22 | 7.5 High |
| In Netgear R7000 V1.3.1.64_10.1.36 and EAX80 V1.0.1.70_1.0.2, the USERLIMIT_GLOBAL option is set to 0 in the bftpd.conf configuration file. This can cause DoS attacks when unlimited users are connected. | ||||
| CVE-2025-6511 | 1 Netgear | 2 Ex6150, Ex6150 Firmware | 2025-07-16 | 8.8 High |
| A vulnerability classified as critical has been found in Netgear EX6150 1.0.0.46_1.0.76. This affects the function sub_410090. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2025-6510 | 1 Netgear | 2 Ex6100, Ex6100 Firmware | 2025-07-16 | 8.8 High |
| A vulnerability was found in Netgear EX6100 1.0.2.28_1.1.138. It has been rated as critical. Affected by this issue is the function sub_415EF8. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2025-7407 | 1 Netgear | 2 D6400, D6400 Firmware | 2025-07-16 | 6.3 Medium |
| A vulnerability, which was classified as critical, was found in Netgear D6400 1.0.0.114. This affects an unknown part of the file diag.cgi. The manipulation of the argument host_name leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early and confirmed the existence of the vulnerability. They reacted very quickly, professional and kind. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2025-52080 | 1 Netgear | 2 Xr300, Xr300 Firmware | 2025-07-16 | 6.5 Medium |
| In Netgear XR300 V1.0.3.38_10.3.30, a stack-based buffer overflow vulnerability exists in the HTTPD service through the usb_device.cgi endpoint. The vulnerability occurs when processing POST requests containing the share_name parameter. | ||||
| CVE-2025-52081 | 1 Netgear | 2 Xr300, Xr300 Firmware | 2025-07-16 | 6.5 Medium |
| In Netgear XR300 V1.0.3.38_10.3.30, a stack-based buffer overflow vulnerability exists in the HTTPD service through the usb_device.cgi endpoint. The vulnerability occurs when processing POST requests containing the usb_folder parameter. | ||||
| CVE-2025-52082 | 1 Netgear | 2 Xr300, Xr300 Firmware | 2025-07-16 | 6.5 Medium |
| In Netgear XR300 V1.0.3.38_10.3.30, a stack-based buffer overflow exists in the HTTPD service through the usb_device.cgi endpoint. The vulnerability occurs when processing POST requests containing the read_access parameter. | ||||