Vulnerabilities > Netgear
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-08 | CVE-2023-49007 | Out-of-bounds Write vulnerability in Netgear Rbr750 Firmware In Netgear Orbi RBR750 firmware before V7.2.6.21, there is a stack-based buffer overflow in /usr/sbin/httpd. | 9.8 |
| 2023-11-29 | CVE-2023-49693 | Missing Authentication for Critical Function vulnerability in Netgear Prosafe Network Management System NETGEAR ProSAFE Network Management System has Java Debug Wire Protocol (JDWP) listening on port 11611 and it is remotely accessible by unauthenticated users, allowing attackers to execute arbitrary code. | 9.8 |
| 2023-11-29 | CVE-2023-49694 | Unspecified vulnerability in Netgear Prosafe Network Management System A low-privileged OS user with access to a Windows host where NETGEAR ProSAFE Network Management System is installed can create arbitrary JSP files in a Tomcat web application directory. | 7.8 |
| 2023-09-01 | CVE-2023-36187 | Classic Buffer Overflow vulnerability in Netgear products Buffer Overflow vulnerability in NETGEAR R6400v2 before version 1.0.4.118, allows remote unauthenticated attackers to execute arbitrary code via crafted URL to httpd. | 9.8 |
| 2023-08-07 | CVE-2023-36499 | Classic Buffer Overflow vulnerability in Netgear Xr300 Firmware 1.0.3.78 Netgear XR300 v1.0.3.78 was discovered to contain multiple buffer overflows via the wla_ssid and wlg_ssid parameters at genie_ap_wifi_change.cgi. | 8.8 |
| 2023-08-07 | CVE-2023-38412 | Classic Buffer Overflow vulnerability in Netgear R6900P Firmware 1.3.3.154 Netgear R6900P v1.3.3.154 was discovered to contain multiple buffer overflows via the wla_ssid and wlg_ssid parameters at ia_ap_setting.cgi. | 8.8 |
| 2023-08-07 | CVE-2023-38591 | Classic Buffer Overflow vulnerability in Netgear Dg834Gv5 Firmware 1.6.01.34 Netgear DG834Gv5 1.6.01.34 was discovered to contain multiple buffer overflows via the wla_ssid and wla_temp_ssid parameters at bsw_ssid.cgi. | 8.8 |
| 2023-08-07 | CVE-2023-38921 | Command Injection vulnerability in Netgear Wag302V2 Firmware and Wg302V2 Firmware Netgear WG302v2 v5.2.9 and WAG302v2 v5.1.19 were discovered to contain multiple command injection vulnerabilities in the upgrade_handler function via the firmwareRestore and firmwareServerip parameters. | 8.8 |
| 2023-08-07 | CVE-2023-38922 | Classic Buffer Overflow vulnerability in Netgear products Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the http_passwd and http_username parameters in the update_auth function. | 8.8 |
| 2023-08-07 | CVE-2023-38924 | Classic Buffer Overflow vulnerability in Netgear Dgn3500 Firmware 1.1.00.37 Netgear DGN3500 1.1.00.37 was discovered to contain a buffer overflow via the http_password parameter at setup.cgi. | 6.5 |