Vulnerabilities > Netgear
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-29 | CVE-2022-27644 | Improper Certificate Validation vulnerability in Netgear products This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. | 8.8 |
| 2023-03-29 | CVE-2022-27646 | Stack-based Buffer Overflow vulnerability in Netgear products This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. | 8.8 |
| 2023-03-29 | CVE-2022-27647 | OS Command Injection vulnerability in Netgear products This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. | 8.0 |
| 2023-03-29 | CVE-2022-27645 | Missing Authentication for Critical Function vulnerability in Netgear products This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 routers. | 8.8 |
| 2023-03-21 | CVE-2022-36429 | Hidden Functionality vulnerability in Netgear Rbs750 Firmware 4.6.8.5 A command execution vulnerability exists in the ubus backend communications functionality of Netgear Orbi Satellite RBS750 4.6.8.5. | 7.2 |
| 2023-03-21 | CVE-2022-37337 | OS Command Injection vulnerability in Netgear Rbs750 Firmware 4.6.8.5 A command execution vulnerability exists in the access control functionality of Netgear Orbi Router RBR750 4.6.8.5. | 8.8 |
| 2023-03-21 | CVE-2022-38452 | Hidden Functionality vulnerability in Netgear Rbs750 Firmware 4.6.8.5 A command execution vulnerability exists in the hidden telnet service functionality of Netgear Orbi Router RBR750 4.6.8.5. | 8.8 |
| 2023-03-21 | CVE-2022-38458 | Missing Encryption of Sensitive Data vulnerability in Netgear Rbs750 Firmware 4.6.8.5 A cleartext transmission vulnerability exists in the Remote Management functionality of Netgear Orbi Router RBR750 4.6.8.5. | 5.9 |
| 2023-03-15 | CVE-2023-28337 | Unrestricted Upload of File with Dangerous Type vulnerability in Netgear Rax30 Firmware When uploading a firmware image to a Netgear Nighthawk Wifi6 Router (RAX30), a hidden “forceFWUpdate” parameter may be provided to force the upgrade to complete and bypass certain validation checks. | 8.8 |
| 2023-03-15 | CVE-2023-28338 | Allocation of Resources Without Limits or Throttling vulnerability in Netgear Rax30 Firmware Any request send to a Netgear Nighthawk Wifi6 Router (RAX30)'s web service containing a “Content-Type” of “multipartboundary=” will result in the request body being written to “/tmp/mulipartFile” on the device itself. | 7.5 |