Vulnerabilities > Netgear > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-06-30 | CVE-2009-2256 | Improper Input Validation vulnerability in Netgear Dg632 3.4.0Ap The administrative web interface on the Netgear DG632 with firmware 3.4.0_ap allows remote attackers to cause a denial of service (web outage) via an HTTP POST request to cgi-bin/firmwarecfg. | 7.8 |
2009-02-22 | CVE-2009-0680 | Path Traversal vulnerability in Netgear Ssl312 cgi-bin/welcome/VPN_only in the web interface in Netgear SSL312 allows remote attackers to cause a denial of service (device crash) via a crafted query string, as demonstrated using directory traversal sequences. | 7.8 |
2009-02-11 | CVE-2008-6122 | Improper Input Validation vulnerability in Netgear Wgr614 V8/V9 The web management interface in Netgear WGR614v9 allows remote attackers to cause a denial of service (crash) via a request that contains a question mark ("?"). | 7.8 |
2006-11-27 | CVE-2006-6125 | Buffer Errors vulnerability in Netgear Wg311V1 2.3.1.10 Heap-based buffer overflow in the wireless driver (WG311ND5.SYS) 2.3.1.10 for NetGear WG311v1 wireless adapter allows remote attackers to execute arbitrary code via an 802.11 management frame with a long SSID. | 7.5 |
2006-08-15 | CVE-2006-4143 | Unspecified vulnerability in Netgear Fvg318 1.0.40 Netgear FVG318 running firmware 1.0.40 allows remote attackers to cause a denial of service (router reset) via TCP packets with bad checksums. | 7.8 |
2005-12-14 | CVE-2005-4220 | Buffer Errors vulnerability in Netgear Rp114 3.26 Netgear RP114, and possibly other versions and devices, allows remote attackers to cause a denial of service via a SYN flood attack between one system on the internal interface and another on the external interface, which temporarily stops routing between the interfaces, as demonstrated using nmap. | 7.8 |
2005-01-17 | CVE-2005-0290 | Multiple vulnerability in Netgear Fvs318 2.4 NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to bypass the filters using hex encoded URLs, as demonstrated using a hex encoded file extension. | 7.5 |
2004-05-24 | CVE-2004-2032 | Unspecified vulnerability in Netgear Rp114 3.26 Netgear RP114 allows remote attackers to bypass the keyword based URL filtering by requesting a long URL, as demonstrated using a large number of %20 (hex-encoded space) sequences. | 7.5 |
2002-12-31 | CVE-2002-2355 | Credentials Management vulnerability in Netgear Fm114P Netgear FM114P firmware 1.3 wireless firewall, when configured to backup configuration information, stores DDNS (DynDNS) user name and password, MAC address filtering table and possibly other information in cleartext, which could allow local users to obtain sensitive information. | 7.1 |
2002-12-31 | CVE-2002-2354 | Improper Input Validation vulnerability in Netgear Fm114P Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (crash or hang) via a large number of TCP connection requests. | 7.8 |