Vulnerabilities > Netgear

DATE CVE VULNERABILITY TITLE RISK
2022-12-16 CVE-2022-47208 OS Command Injection vulnerability in Netgear products
The “puhttpsniff” service, which runs by default, is susceptible to command injection due to improperly sanitized user input.
low complexity
netgear CWE-78
8.8
8.8
2022-12-16 CVE-2022-47209 Improper Authentication vulnerability in Netgear Rax30 Firmware
A support user exists on the device and appears to be a backdoor for Technical Support staff.
low complexity
netgear CWE-287
8.8
8.8
2022-12-16 CVE-2022-47210 OS Command Injection vulnerability in Netgear Rax30 Firmware
The default console presented to users over telnet (when enabled) is restricted to a subset of commands.
local
low complexity
netgear CWE-78
7.8
7.8
2022-12-09 CVE-2022-4390 Unspecified vulnerability in Netgear Ax2400 Firmware
A network misconfiguration is present in versions prior to 1.0.9.90 of the NETGEAR RAX30 AX2400 series of routers.
network
low complexity
netgear
critical
 10.0
10
2022-11-22 CVE-2022-44184 Out-of-bounds Write vulnerability in Netgear R7000P Firmware 1.3.0.8
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_sec.
network
low complexity
netgear CWE-787
critical
 9.8
9.8
2022-11-22 CVE-2022-44186 Out-of-bounds Write vulnerability in Netgear R7000P Firmware 1.3.1.64
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_pri.
network
low complexity
netgear CWE-787
critical
 9.8
9.8
2022-11-22 CVE-2022-44187 Out-of-bounds Write vulnerability in Netgear R7000P Firmware 1.3.0.8
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via wan_dns1_pri.
network
low complexity
netgear CWE-787
critical
 9.8
9.8
2022-11-22 CVE-2022-44188 Out-of-bounds Write vulnerability in Netgear R7000P Firmware 1.3.0.8
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter enable_band_steering.
network
low complexity
netgear CWE-787
critical
 9.8
9.8
2022-11-22 CVE-2022-44190 Out-of-bounds Write vulnerability in Netgear R7000P Firmware 1.3.1.64
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter enable_band_steering.
network
low complexity
netgear CWE-787
critical
 9.8
9.8
2022-11-22 CVE-2022-44191 Out-of-bounds Write vulnerability in Netgear R7000P Firmware 1.3.1.64
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameters KEY1 and KEY2.
network
low complexity
netgear CWE-787
critical
 9.8
9.8