Vulnerabilities > Netgear > Rax30 Firmware

DATE CVE VULNERABILITY TITLE RISK
2024-05-03 CVE-2023-27367 OS Command Injection vulnerability in Netgear Rax30 Firmware
NETGEAR RAX30 libcms_cli Command Injection Remote Code Execution Vulnerability.
low complexity
netgear CWE-78
8.0
2024-05-03 CVE-2023-27368 Out-of-bounds Write vulnerability in Netgear Rax30 Firmware
NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerability.
low complexity
netgear CWE-787
8.8
2024-05-03 CVE-2023-27369 Out-of-bounds Write vulnerability in Netgear Rax30 Firmware
NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerability.
low complexity
netgear CWE-787
8.8
2024-05-03 CVE-2023-27370 Cleartext Storage of Sensitive Information vulnerability in Netgear Rax30 Firmware
NETGEAR RAX30 Device Configuration Cleartext Storage Information Disclosure Vulnerability.
low complexity
netgear CWE-312
5.7
2024-05-03 CVE-2023-34283 Link Following vulnerability in Netgear Rax30 Firmware
NETGEAR RAX30 USB Share Link Following Information Disclosure Vulnerability.
low complexity
netgear CWE-59
4.6
2024-05-03 CVE-2023-34284 Use of Hard-coded Credentials vulnerability in Netgear Rax30 Firmware
NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability.
low complexity
netgear CWE-798
6.3
2024-05-03 CVE-2023-34285 Out-of-bounds Write vulnerability in Netgear Rax30 Firmware
NETGEAR RAX30 cmsCli_authenticate Stack-based Buffer Overflow Remote Code Execution Vulnerability.
low complexity
netgear CWE-787
8.8
2024-05-03 CVE-2023-35722 OS Command Injection vulnerability in Netgear Rax30 Firmware
NETGEAR RAX30 UPnP Command Injection Remote Code Execution Vulnerability.
low complexity
netgear CWE-78
8.8
2024-03-07 CVE-2023-48725 Out-of-bounds Write vulnerability in Netgear Rax30 Firmware 1.0.11.96/1.0.7.78
A stack-based buffer overflow vulnerability exists in the JSON Parsing getblockschedule() functionality of Netgear RAX30 1.0.11.96 and 1.0.7.78.
network
low complexity
netgear CWE-787
8.8
2023-03-15 CVE-2023-28337 Unrestricted Upload of File with Dangerous Type vulnerability in Netgear Rax30 Firmware
When uploading a firmware image to a Netgear Nighthawk Wifi6 Router (RAX30), a hidden “forceFWUpdate” parameter may be provided to force the upgrade to complete and bypass certain validation checks.
network
low complexity
netgear CWE-434
8.8