Vulnerabilities > Netgear > High

DATE CVE VULNERABILITY TITLE RISK
2023-03-29 CVE-2022-27647 Unspecified vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers.
low complexity
netgear
8.0
2023-03-29 CVE-2022-27645 Unspecified vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 routers.
low complexity
netgear
8.8
2023-03-21 CVE-2022-36429 Unspecified vulnerability in Netgear Rbs750 Firmware 4.6.8.5
A command execution vulnerability exists in the ubus backend communications functionality of Netgear Orbi Satellite RBS750 4.6.8.5.
network
low complexity
netgear
7.2
2023-03-21 CVE-2022-37337 Unspecified vulnerability in Netgear Rbs750 Firmware 4.6.8.5
A command execution vulnerability exists in the access control functionality of Netgear Orbi Router RBR750 4.6.8.5.
network
low complexity
netgear
8.8
2023-03-21 CVE-2022-38452 Unspecified vulnerability in Netgear Rbs750 Firmware 4.6.8.5
A command execution vulnerability exists in the hidden telnet service functionality of Netgear Orbi Router RBR750 4.6.8.5.
network
low complexity
netgear
8.8
2023-03-15 CVE-2023-28337 Unrestricted Upload of File with Dangerous Type vulnerability in Netgear Rax30 Firmware
When uploading a firmware image to a Netgear Nighthawk Wifi6 Router (RAX30), a hidden “forceFWUpdate” parameter may be provided to force the upgrade to complete and bypass certain validation checks.
network
low complexity
netgear CWE-434
8.8
2023-03-15 CVE-2023-28338 Allocation of Resources Without Limits or Throttling vulnerability in Netgear Rax30 Firmware
Any request send to a Netgear Nighthawk Wifi6 Router (RAX30)'s web service containing a “Content-Type” of “multipartboundary=” will result in the request body being written to “/tmp/mulipartFile” on the device itself.
network
low complexity
netgear CWE-770
7.5
2023-03-10 CVE-2023-1205 Cross-Site Request Forgery (CSRF) vulnerability in Netgear Rax30 Firmware
NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 is vulnerable to cross-site request forgery attacks on all endpoints due to improperly implemented CSRF protections.
network
low complexity
netgear CWE-352
8.8
2023-03-10 CVE-2023-27851 Unspecified vulnerability in Netgear Rax30 Firmware
NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sharing mechanism that unintentionally allows users with upload permissions to execute arbitrary code on the device.
network
low complexity
netgear
8.8
2023-02-15 CVE-2023-0848 Unspecified vulnerability in Netgear Wndr3700 Firmware 1.0.1.14
A vulnerability was found in Netgear WNDR3700v2 1.0.1.14.
network
low complexity
netgear
7.5