Vulnerabilities > Netgear > Rax30 Firmware > 1.0.7.78
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-03 | CVE-2023-27367 | OS Command Injection vulnerability in Netgear Rax30 Firmware NETGEAR RAX30 libcms_cli Command Injection Remote Code Execution Vulnerability. | 8.0 |
| 2024-05-03 | CVE-2023-27368 | Out-of-bounds Write vulnerability in Netgear Rax30 Firmware NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerability. | 8.8 |
| 2024-05-03 | CVE-2023-27369 | Out-of-bounds Write vulnerability in Netgear Rax30 Firmware NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerability. | 8.8 |
| 2024-05-03 | CVE-2023-27370 | Cleartext Storage of Sensitive Information vulnerability in Netgear Rax30 Firmware NETGEAR RAX30 Device Configuration Cleartext Storage Information Disclosure Vulnerability. | 5.7 |
| 2024-05-03 | CVE-2023-34283 | Link Following vulnerability in Netgear Rax30 Firmware NETGEAR RAX30 USB Share Link Following Information Disclosure Vulnerability. | 4.6 |
| 2024-05-03 | CVE-2023-34284 | Use of Hard-coded Credentials vulnerability in Netgear Rax30 Firmware NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability. | 6.3 |
| 2024-05-03 | CVE-2023-34285 | Out-of-bounds Write vulnerability in Netgear Rax30 Firmware NETGEAR RAX30 cmsCli_authenticate Stack-based Buffer Overflow Remote Code Execution Vulnerability. | 8.8 |
| 2024-05-03 | CVE-2023-35722 | OS Command Injection vulnerability in Netgear Rax30 Firmware NETGEAR RAX30 UPnP Command Injection Remote Code Execution Vulnerability. | 8.8 |
| 2024-03-07 | CVE-2023-48725 | Out-of-bounds Write vulnerability in Netgear Rax30 Firmware 1.0.11.96/1.0.7.78 A stack-based buffer overflow vulnerability exists in the JSON Parsing getblockschedule() functionality of Netgear RAX30 1.0.11.96 and 1.0.7.78. | 8.8 |
| 2023-03-10 | CVE-2023-1205 | Cross-Site Request Forgery (CSRF) vulnerability in Netgear Rax30 Firmware NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 is vulnerable to cross-site request forgery attacks on all endpoints due to improperly implemented CSRF protections. | 8.8 |