Vulnerabilities > Netgear > R8500 Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-03-26 CVE-2022-27945 OS Command Injection vulnerability in Netgear R8500 Firmware 1.0.2.158
NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands (such as telnetd) via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to password.cgi.
network
low complexity
netgear CWE-78
critical
9.0
2022-03-26 CVE-2022-27946 OS Command Injection vulnerability in Netgear R8500 Firmware 1.0.2.158
NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands (such as telnetd) via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to admin_account.cgi.
network
low complexity
netgear CWE-78
critical
9.0
2022-03-26 CVE-2022-27947 OS Command Injection vulnerability in Netgear R8500 Firmware 1.0.2.158
NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands (such as telnetd) via shell metacharacters in the ipv6_fix.cgi ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length, or ipv6_lan_length parameter.
network
low complexity
netgear CWE-78
critical
9.0
2021-12-26 CVE-2021-45512 Inadequate Encryption Strength vulnerability in Netgear products
Certain NETGEAR devices are affected by weak cryptography.
network
low complexity
netgear CWE-326
7.5
2021-12-26 CVE-2021-45527 Classic Buffer Overflow vulnerability in Netgear products
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user.
network
low complexity
netgear CWE-120
6.5
2021-12-26 CVE-2021-45550 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an authenticated user.
low complexity
netgear CWE-77
5.2
2021-12-26 CVE-2021-45609 Classic Buffer Overflow vulnerability in Netgear products
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker.
network
low complexity
netgear CWE-120
7.5
2021-12-26 CVE-2021-45611 Classic Buffer Overflow vulnerability in Netgear products
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker.
network
low complexity
netgear CWE-120
7.5
2021-12-26 CVE-2021-45615 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
low complexity
netgear CWE-77
5.8
2021-12-26 CVE-2021-45621 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
network
low complexity
netgear CWE-77
critical
10.0