Vulnerabilities > Netgear
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-23 | CVE-2022-37235 | Out-of-bounds Write vulnerability in Netgear R7000 Firmware 1.0.11.13410.2.119 Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.134_10.2.119 is vulnerable to Buffer Overflow via the wl binary in firmware. | 9.8 |
| 2022-09-22 | CVE-2022-31937 | Out-of-bounds Write vulnerability in Netgear Wnr2000V4 Firmware 1.0.0.70 Netgear N300 wireless router wnr2000v4-V1.0.0.70 was discovered to contain a stack overflow via strcpy in uhttpd. | 9.8 |
| 2022-09-22 | CVE-2022-37234 | Out-of-bounds Write vulnerability in Netgear R7000 Firmware 1.0.11.13410.2.119 Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.134_10.2.119 is vulnerable to Buffer Overflow via the wl binary in firmware. | 7.8 |
| 2022-09-20 | CVE-2022-38955 | Improper Validation of Integrity Check Value vulnerability in Netgear Wpn824Ext Firmware 1.1.11.1.9 An exploitable firmware modification vulnerability was discovered on the Netgear WPN824EXT WiFi Range Extender. | 7.5 |
| 2022-09-20 | CVE-2022-38956 | Improper Validation of Integrity Check Value vulnerability in Netgear Wpn824Ext Firmware 1.1.11.1.9 An exploitable firmware downgrade vulnerability was discovered on the Netgear WPN824EXT WiFi Range Extender. | 5.3 |
| 2022-09-08 | CVE-2022-30079 | OS Command Injection vulnerability in Netgear R6200 R6200V2V1.0.3.12 Command injection vulnerability was discovered in Netgear R6200 v2 firmware through R6200v2-V1.0.3.12 via binary /sbin/acos_service that could allow remote authenticated attackers the ability to modify values in the vulnerable parameter. | 8.8 |
| 2022-09-08 | CVE-2021-34236 | Classic Buffer Overflow vulnerability in Netgear R8000 Firmware 1.0.4.56 Buffer Overflow in Netgear R8000 Router with firmware v1.0.4.56 allows remote attackers to execute arbitrary code or cause a denial-of-service by sending a crafted POST to '/bd_genie_create_account.cgi' with a sufficiently long parameter 'register_country'. | 9.8 |
| 2022-09-07 | CVE-2022-30078 | OS Command Injection vulnerability in Netgear R6200 Firmware and R6300 Firmware NETGEAR R6200_V2 firmware versions through R6200v2-V1.0.3.12_10.1.11 and R6300_V2 firmware versions through R6300v2-V1.0.4.52_10.0.93 allow remote authenticated attackers to execute arbitrary command via shell metacharacters in the ipv6_fix.cgi ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length, or ipv6_lan_length parameters. | 8.8 |
| 2022-06-17 | CVE-2022-31876 | Unspecified vulnerability in Netgear Wnap320 Firmware 2.0.3 netgear wnap320 router WNAP320_V2.0.3_firmware is vulnerable to Incorrect Access Control via /recreate.php, which can leak all users cookies. | 5.3 |
| 2022-05-13 | CVE-2022-29383 | SQL Injection vulnerability in Netgear Ssl312 Firmware Fvs336Gv2/Fvs336Gv3 NETGEAR ProSafe SSL VPN firmware FVS336Gv2 and FVS336Gv3 was discovered to contain a SQL injection vulnerability via USERDBDomains.Domainname at cgi-bin/platform.cgi. | 9.8 |