Vulnerabilities > Netgear > Rax30 Firmware > 1.0.4.66
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-03 | CVE-2023-27367 | OS Command Injection vulnerability in Netgear Rax30 Firmware NETGEAR RAX30 libcms_cli Command Injection Remote Code Execution Vulnerability. | 8.0 |
| 2024-05-03 | CVE-2023-27368 | Out-of-bounds Write vulnerability in Netgear Rax30 Firmware NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerability. | 8.8 |
| 2024-05-03 | CVE-2023-27369 | Out-of-bounds Write vulnerability in Netgear Rax30 Firmware NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerability. | 8.8 |
| 2024-05-03 | CVE-2023-27370 | Cleartext Storage of Sensitive Information vulnerability in Netgear Rax30 Firmware NETGEAR RAX30 Device Configuration Cleartext Storage Information Disclosure Vulnerability. | 5.7 |
| 2024-05-03 | CVE-2023-34283 | Link Following vulnerability in Netgear Rax30 Firmware NETGEAR RAX30 USB Share Link Following Information Disclosure Vulnerability. | 4.6 |
| 2024-05-03 | CVE-2023-34284 | Use of Hard-coded Credentials vulnerability in Netgear Rax30 Firmware NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability. | 6.3 |
| 2024-05-03 | CVE-2023-34285 | Out-of-bounds Write vulnerability in Netgear Rax30 Firmware NETGEAR RAX30 cmsCli_authenticate Stack-based Buffer Overflow Remote Code Execution Vulnerability. | 8.8 |
| 2024-05-03 | CVE-2023-35722 | OS Command Injection vulnerability in Netgear Rax30 Firmware NETGEAR RAX30 UPnP Command Injection Remote Code Execution Vulnerability. | 8.8 |
| 2023-03-14 | CVE-2023-1327 | Improper Authentication vulnerability in Netgear Rax30 Firmware 1.0.3.64/1.0.4.66/1.0.5.70 Netgear RAX30 (AX2400), prior to version 1.0.6.74, was affected by an authentication bypass vulnerability, allowing an unauthenticated attacker to gain administrative access to the device's web management interface by resetting the admin password. | 9.8 |
| 2023-03-10 | CVE-2023-1205 | Cross-Site Request Forgery (CSRF) vulnerability in Netgear Rax30 Firmware NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 is vulnerable to cross-site request forgery attacks on all endpoints due to improperly implemented CSRF protections. | 8.8 |