Vulnerabilities > Netgear > Rax30 Firmware > 1.0.6.74
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-10 | CVE-2023-1205 | Cross-Site Request Forgery (CSRF) vulnerability in Netgear Rax30 Firmware NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 is vulnerable to cross-site request forgery attacks on all endpoints due to improperly implemented CSRF protections. | 8.8 |
| 2023-03-10 | CVE-2023-27850 | Unspecified vulnerability in Netgear Rax30 Firmware NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sharing mechanism that allows users with access to this feature to access arbitrary files on the device. low complexity netgear | 6.8 |
| 2023-03-10 | CVE-2023-27851 | Unspecified vulnerability in Netgear Rax30 Firmware NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sharing mechanism that unintentionally allows users with upload permissions to execute arbitrary code on the device. | 8.8 |
| 2023-03-10 | CVE-2023-27852 | Classic Buffer Overflow vulnerability in Netgear Rax30 Firmware NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a buffer overflow vulnerability in various CGI mechanisms that could allow an attacker to execute arbitrary code on the device. | 9.8 |
| 2023-03-10 | CVE-2023-27853 | Classic Buffer Overflow vulnerability in Netgear Rax30 Firmware NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a format string vulnerability in a SOAP service that could allow an attacker to execute arbitrary code on the device. | 9.8 |
| 2022-12-16 | CVE-2022-47209 | Improper Authentication vulnerability in Netgear Rax30 Firmware A support user exists on the device and appears to be a backdoor for Technical Support staff. | 8.8 |
| 2022-12-16 | CVE-2022-47210 | OS Command Injection vulnerability in Netgear Rax30 Firmware The default console presented to users over telnet (when enabled) is restricted to a subset of commands. | 7.8 |