Vulnerabilities > Netgear > High

DATE CVE VULNERABILITY TITLE RISK
2023-08-07 CVE-2023-38922 Classic Buffer Overflow vulnerability in Netgear products
Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the http_passwd and http_username parameters in the update_auth function.
network
low complexity
netgear CWE-120
8.8
8.8
2023-08-07 CVE-2023-38925 Classic Buffer Overflow vulnerability in Netgear Dc112A Firmware, Ex6200 Firmware and R6300V2 Firmware
Netgear DC112A 1.0.0.64, EX6200 1.0.3.94 and R6300v2 1.0.4.8 were discovered to contain a buffer overflow via the http_passwd parameter in password.cgi.
network
low complexity
netgear CWE-120
8.8
8.8
2023-08-07 CVE-2023-38926 Classic Buffer Overflow vulnerability in Netgear Ex6200 Firmware 1.0.3.94
Netgear EX6200 v1.0.3.94 was discovered to contain a buffer overflow via the wla_temp_ssid parameter at acosNvramConfig_set.
network
low complexity
netgear CWE-120
8.8
8.8
2023-08-07 CVE-2023-39550 Classic Buffer Overflow vulnerability in Netgear products
Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the http_passwd and http_username parameters in the check_auth function.
network
low complexity
netgear CWE-120
8.8
8.8
2023-06-06 CVE-2023-33533 Command Injection vulnerability in Netgear products
Netgear D6220 with Firmware Version 1.0.0.80, D8500 with Firmware Version 1.0.3.60, R6700 with Firmware Version 1.0.2.26, and R6900 with Firmware Version 1.0.2.26 are vulnerable to Command Injection.
network
low complexity
netgear CWE-77
8.8
8.8
2023-03-29 CVE-2022-27641 Integer Overflow or Wraparound vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers.
low complexity
netgear CWE-190
8.8
8.8
2023-03-29 CVE-2022-27642 Incorrect Authorization vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers.
low complexity
netgear CWE-863
8.8
8.8
2023-03-29 CVE-2022-27643 Classic Buffer Overflow vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers.
low complexity
netgear CWE-120
8.8
8.8
2023-03-29 CVE-2022-27644 Improper Certificate Validation vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers.
low complexity
netgear CWE-295
8.8
8.8
2023-03-29 CVE-2022-27646 Stack-based Buffer Overflow vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers.
low complexity
netgear CWE-121
8.8
8.8