Vulnerabilities > Realtek

DATE CVE VULNERABILITY TITLE RISK
2020-09-30 CVE-2019-18990 Improper Authentication vulnerability in Realtek products
A partial authentication bypass vulnerability exists on Realtek RTL8812AR 1.21WW, RTL8196D 1.0.0, RTL8192ER 2.10, and RTL8881AN 1.09 devices.
low complexity
realtek CWE-287
4.8
2020-07-06 CVE-2020-9395 Classic Buffer Overflow vulnerability in Realtek products
An issue was discovered on Realtek RTL8195AM, RTL8711AM, RTL8711AF, and RTL8710AF devices before 2.0.6.
4.9
2020-06-08 CVE-2020-12773 Unspecified vulnerability in Realtek Adsl Router SOC Firmware
A security misconfiguration vulnerability exists in the SDK of some Realtek ADSL/PON Modem SoC firmware, which allows attackers using a default password to execute arbitrary commands remotely via the build-in network monitoring tool.
network
low complexity
realtek
6.5
2020-02-12 CVE-2019-11867 NULL Pointer Dereference vulnerability in Realtek Ndis 10.1.505.2015
Realtek NDIS driver rt640x64.sys, file version 10.1.505.2015, fails to do any size checking on an input buffer from user space, which the driver assumes has a size greater than zero bytes.
local
low complexity
realtek CWE-476
2.1
2020-01-27 CVE-2019-19823 Insufficiently Protected Credentials vulnerability in multiple products
A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) stores cleartext administrative passwords in flash memory and in a file.
5.0
2020-01-27 CVE-2019-19822 Missing Authentication for Critical Function vulnerability in multiple products
A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) allows remote attackers to retrieve the configuration, including sensitive data (usernames and passwords).
5.0
2017-11-13 CVE-2017-3767 Unspecified vulnerability in Realtek Audio Driver Firmware
A local privilege escalation vulnerability was identified in the Realtek audio driver versions prior to 6.0.1.8224 in some Lenovo ThinkPad products.
local
low complexity
realtek lenovo
7.2
2015-05-01 CVE-2014-8361 The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023.
network
low complexity
dlink realtek aterm
critical
9.8
2008-04-25 CVE-2008-1932 Numeric Errors vulnerability in Realtek HD Audio Codec Drivers
Integer overflow in Realtek HD Audio Codec Drivers RTKVHDA.sys and RTKVHDA64.sys before 6.0.1.5605 on Windows Vista allows local users to execute arbitrary code via a crafted IOCTL request.
local
low complexity
microsoft realtek CWE-189
6.8
2008-04-25 CVE-2008-1931 Permissions, Privileges, and Access Controls vulnerability in Realtek HD Audio Codec Drivers
Realtek HD Audio Codec Drivers RTKVHDA.sys and RTKVHDA64.sys before 6.0.1.5605 on Windows Vista allow local users to create, write, and read registry keys via a crafted IOCTL request.
local
low complexity
microsoft realtek CWE-264
6.8