Vulnerabilities > Netgear > Rax30 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-03 | CVE-2023-27367 | OS Command Injection vulnerability in Netgear Rax30 Firmware NETGEAR RAX30 libcms_cli Command Injection Remote Code Execution Vulnerability. | 8.0 |
| 2024-05-03 | CVE-2023-27368 | Out-of-bounds Write vulnerability in Netgear Rax30 Firmware NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerability. | 8.8 |
| 2024-05-03 | CVE-2023-27369 | Out-of-bounds Write vulnerability in Netgear Rax30 Firmware NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerability. | 8.8 |
| 2024-05-03 | CVE-2023-27370 | Cleartext Storage of Sensitive Information vulnerability in Netgear Rax30 Firmware NETGEAR RAX30 Device Configuration Cleartext Storage Information Disclosure Vulnerability. | 5.7 |
| 2024-05-03 | CVE-2023-34283 | Link Following vulnerability in Netgear Rax30 Firmware NETGEAR RAX30 USB Share Link Following Information Disclosure Vulnerability. | 4.6 |
| 2024-05-03 | CVE-2023-34284 | Use of Hard-coded Credentials vulnerability in Netgear Rax30 Firmware NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability. | 6.3 |
| 2024-05-03 | CVE-2023-34285 | Out-of-bounds Write vulnerability in Netgear Rax30 Firmware NETGEAR RAX30 cmsCli_authenticate Stack-based Buffer Overflow Remote Code Execution Vulnerability. | 8.8 |
| 2024-05-03 | CVE-2023-35722 | OS Command Injection vulnerability in Netgear Rax30 Firmware NETGEAR RAX30 UPnP Command Injection Remote Code Execution Vulnerability. | 8.8 |
| 2023-03-15 | CVE-2023-28337 | Unrestricted Upload of File with Dangerous Type vulnerability in Netgear Rax30 Firmware When uploading a firmware image to a Netgear Nighthawk Wifi6 Router (RAX30), a hidden “forceFWUpdate” parameter may be provided to force the upgrade to complete and bypass certain validation checks. | 8.8 |
| 2023-03-15 | CVE-2023-28338 | Allocation of Resources Without Limits or Throttling vulnerability in Netgear Rax30 Firmware Any request send to a Netgear Nighthawk Wifi6 Router (RAX30)'s web service containing a “Content-Type” of “multipartboundary=” will result in the request body being written to “/tmp/mulipartFile” on the device itself. | 7.5 |