Filtered by vendor Netgear
Subscribe
Total
1078 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-46422 | 1 Netgear | 2 Wnr2000, Wnr2000 Firmware | 2022-12-28 | N/A | 4.8 MEDIUM |
An issue in Netgear WNR2000 v1 1.2.3.7 and earlier allows authenticated attackers to cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process. | |||||
CVE-2022-47209 | 1 Netgear | 2 Rax30, Rax30 Firmware | 2022-12-27 | N/A | 8.8 HIGH |
A support user exists on the device and appears to be a backdoor for Technical Support staff. The default password for this account is “support” and cannot be changed by a user via any normally accessible means. | |||||
CVE-2022-47208 | 1 Netgear | 12 Nighthawk Ax11000, Nighthawk Ax11000 Firmware, Nighthawk Ax1800 and 9 more | 2022-12-27 | N/A | 8.8 HIGH |
The “puhttpsniff” service, which runs by default, is susceptible to command injection due to improperly sanitized user input. An unauthenticated attacker on the same network segment as the router can execute arbitrary commands on the device without authentication. | |||||
CVE-2022-4390 | 1 Netgear | 2 Ax2400, Ax2400 Firmware | 2022-12-19 | N/A | 10.0 CRITICAL |
A network misconfiguration is present in versions prior to 1.0.9.90 of the NETGEAR RAX30 AX2400 series of routers. IPv6 is enabled for the WAN interface by default on these devices. While there are firewall restrictions in place that define access restrictions for IPv4 traffic, these restrictions do not appear to be applied to the WAN interface for IPv6. This allows arbitrary access to any services running on the device that may be inadvertently listening via IPv6, such as the SSH and Telnet servers spawned on ports 22 and 23 by default. This misconfiguration could allow an attacker to interact with services only intended to be accessible by clients on the local network. | |||||
CVE-2022-30079 | 1 Netgear | 1 R6200 | 2022-12-09 | N/A | 8.8 HIGH |
Command injection vulnerability was discovered in Netgear R6200 v2 firmware through R6200v2-V1.0.3.12 via binary /sbin/acos_service that could allow remote authenticated attackers the ability to modify values in the vulnerable parameter. | |||||
CVE-2022-44191 | 1 Netgear | 2 R7000p, R7000p Firmware | 2022-11-23 | N/A | 9.8 CRITICAL |
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameters KEY1 and KEY2. | |||||
CVE-2022-44190 | 1 Netgear | 2 R7000p, R7000p Firmware | 2022-11-23 | N/A | 9.8 CRITICAL |
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter enable_band_steering. | |||||
CVE-2022-44188 | 1 Netgear | 2 R7000p, R7000p Firmware | 2022-11-23 | N/A | 9.8 CRITICAL |
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter enable_band_steering. | |||||
CVE-2022-44187 | 1 Netgear | 2 R7000p, R7000p Firmware | 2022-11-23 | N/A | 9.8 CRITICAL |
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via wan_dns1_pri. | |||||
CVE-2022-44186 | 1 Netgear | 2 R7000p, R7000p Firmware | 2022-11-23 | N/A | 9.8 CRITICAL |
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_pri. | |||||
CVE-2022-44197 | 1 Netgear | 2 R7000p, R7000p Firmware | 2022-11-23 | N/A | 9.8 CRITICAL |
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter openvpn_server_ip. | |||||
CVE-2022-44196 | 1 Netgear | 2 R7000p, R7000p Firmware | 2022-11-23 | N/A | 9.8 CRITICAL |
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter openvpn_push1. | |||||
CVE-2022-44194 | 1 Netgear | 2 R7000p, R7000p Firmware | 2022-11-23 | N/A | 9.8 CRITICAL |
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameters apmode_dns1_pri and apmode_dns1_sec. | |||||
CVE-2022-44193 | 1 Netgear | 2 R7000p, R7000p Firmware | 2022-11-23 | N/A | 9.8 CRITICAL |
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameters: starthour, startminute , endhour, and endminute. | |||||
CVE-2022-44200 | 1 Netgear | 2 R7000p, R7000p Firmware | 2022-11-23 | N/A | 9.8 CRITICAL |
Netgear R7000P V1.3.0.8, V1.3.1.64 is vulnerable to Buffer Overflow via parameters: stamode_dns1_pri and stamode_dns1_sec. | |||||
CVE-2022-44184 | 1 Netgear | 2 R7000p, R7000p Firmware | 2022-11-23 | N/A | 9.8 CRITICAL |
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_sec. | |||||
CVE-2022-44199 | 1 Netgear | 2 R7000p, R7000p Firmware | 2022-11-23 | N/A | 9.8 CRITICAL |
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter openvpn_server_ip. | |||||
CVE-2022-44198 | 1 Netgear | 2 R7000p, R7000p Firmware | 2022-11-23 | N/A | 9.8 CRITICAL |
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter openvpn_push1. | |||||
CVE-2021-34865 | 1 Netgear | 34 Ac2100, Ac2100 Firmware, Ac2400 and 31 more | 2022-10-27 | 8.3 HIGH | 8.8 HIGH |
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the mini_httpd service, which listens on TCP port 80 by default. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-13313. | |||||
CVE-2020-28041 | 1 Netgear | 2 Nighthawk R7000, Nighthawk R7000 Firmware | 2022-10-19 | 4.3 MEDIUM | 6.5 MEDIUM |
The SIP ALG implementation on NETGEAR Nighthawk R7000 1.0.9.64_10.2.64 devices allows remote attackers to communicate with arbitrary TCP and UDP services on a victim's intranet machine, if the victim visits an attacker-controlled web site with a modern browser, aka NAT Slipstreaming. This occurs because the ALG takes action based on an IP packet with an initial REGISTER substring in the TCP data, and the correct intranet IP address in the subsequent Via header, without properly considering that connection progress and fragmentation affect the meaning of the packet data. |