Vulnerabilities > Netgear

DATE CVE VULNERABILITY TITLE RISK
2009-02-11 CVE-2008-6122 Improper Input Validation vulnerability in Netgear Wgr614 V8/V9
The web management interface in Netgear WGR614v9 allows remote attackers to cause a denial of service (crash) via a request that contains a question mark ("?").
network
low complexity
netgear CWE-20
7.8
2008-09-05 CVE-2008-1197 Improper Input Validation vulnerability in multiple products
The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse the SSID information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a "Null SSID."
6.3
2008-09-05 CVE-2008-1144 Improper Input Validation vulnerability in multiple products
The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse EAPoL-Key packets, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a malformed EAPoL-Key packet with a crafted "advertised length."
6.3
2007-10-18 CVE-2007-5562 Cross-Site Scripting vulnerability in Netgear Ssl312
Cross-site scripting (XSS) vulnerability in cgi-bin/welcome (aka the login page) in Netgear SSL312 PROSAFE SSL VPN-Concentrator 25 allows remote attackers to inject arbitrary web script or HTML via the err parameter in the context of an error page.
network
netgear CWE-79
4.3
2007-08-15 CVE-2007-4361 Remote SSH Backdoor vulnerability in Netgear Readynas Raidiator 3.01C1P1/3.01C1P6
NETGEAR (formerly Infrant) ReadyNAS RAIDiator before 4.00b2-p2-T1 beta creates a default SSH root password derived from the hardware serial number, which makes it easier for remote attackers to guess the password and obtain login access.
network
low complexity
netgear
critical
10.0
2006-11-27 CVE-2006-6125 Buffer Errors vulnerability in Netgear Wg311V1 2.3.1.10
Heap-based buffer overflow in the wireless driver (WG311ND5.SYS) 2.3.1.10 for NetGear WG311v1 wireless adapter allows remote attackers to execute arbitrary code via an 802.11 management frame with a long SSID.
network
low complexity
netgear CWE-119
7.5
2006-11-22 CVE-2006-6059 Buffer Overflow vulnerability in NetGear MA521 Wireless Driver Long Beacon Probe
Buffer overflow in MA521nd5.SYS driver 5.148.724.2003 for NetGear MA521 PCMCIA adapter allows remote attackers to execute arbitrary code via (1) beacon or (2) probe 802.11 frame responses with an long supported rates information element.
network
low complexity
netgear
critical
10.0
2006-11-18 CVE-2006-5972 Buffer Overflow vulnerability in Netgear Wg111V2 and Wg111V2 Driver
Stack-based buffer overflow in WG111v2.SYS in NetGear WG111v2 wireless adapter (USB) allows remote attackers to execute arbitrary code via a long 802.11 beacon request.
network
low complexity
netgear
critical
10.0
2006-09-13 CVE-2006-4765 Denial Of Service vulnerability in Netgear Dg834Gt 1.01.28
NETGEAR DG834GT Wireless ADSL router running firmware 1.01.28 allows attackers to cause a denial of service (device hang) via a long string in the username field in the login window.
network
low complexity
netgear
5.0
2006-08-15 CVE-2006-4143 Unspecified vulnerability in Netgear Fvg318 1.0.40
Netgear FVG318 running firmware 1.0.40 allows remote attackers to cause a denial of service (router reset) via TCP packets with bad checksums.
network
low complexity
netgear
7.8