CVSS: 8.8EPSS: 0%CPEs: 60EXPL: 0CVE-2020-11770
https://notcve.org/view.php?id=CVE-2020-11770
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000v2 before 1.0.0.53, D8500 before 1.0.3.44, R6220 before 1.1.0.80, R6250 before 1.0.4.34, R6260 before 1.1.0.64, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6700v3 before 1.0.2.66, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7100LG before 1.0.0.50, R7300DST before 1.0.0.70, R7800 before 1.0.2.60, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.28, R8000P before 1.4.1.30, R8300 before 1.0.2.128, R8500 before 1.0.2.128, R8900 before 1.0.4.12, R9000 before 1.0.4.12, and XR500 before 2.3.2.32. Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a D6220 versiones anteriores a 1.0.0.52, D6400 versiones anteriores a 1.0.0.86, D7000v2 versiones anteriores a 1.0.0.53, D8500 versiones anteriores a 1.0.3.44, R6220 versiones anteriores a 1.1.0.80, R6250 versiones anteriores a 1.0.4.34, R6260 versiones anteriores a 1.1.0.64, R6400 versiones anteriores a 1.0.1.46, R6400v2 versiones anteriores a 1.0.2.66, R6700 versiones anteriores a 1.0.2.6, R6700v2 versiones anteriores a 1.2.0.36, R6700v3 versiones anteriores a 1.0.2.66, R6800 versiones anteriores a 1.2.0.36, R6900 versiones anteriores a 1.0.2.4, R6900P versiones anteriores a 1.3.1.64, R6900v2 antes 1.2.0.36, R7000 antes 1.0.9.42, R7000P versiones anteriores a 1.3.1.64, R7100LG versiones anteriores a 1.0.0.50, R7300DST versiones anteriores a 1.0.0.70, R7800 versiones anteriores a 1.0.2.60, R7900 versiones anteriores a 1.0.3.8, R7900P versiones anteriores a 1.4.1.30, R8000 versiones anteriores a 1.0.4.28, R8000P versiones anteriores a 1.4. 1.30, R8300 versiones anteriores a 1.0.2.128, R8500 versiones anteriores a 1.0.2.128, R8900 versiones anteriores a 1.0.4.12, R9000 versiones anteriores a 1.0.4.12 y XR500 versiones anteriores a 2.3.2.32. • https://kb.netgear.com/000061760/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-Gateways-PSV-2018-0352 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.1EPSS: 97%CPEs: 26EXPL: 1CVE-2017-5521 – NETGEAR Multiple Devices Exposure of Sensitive Information Vulnerability
https://notcve.org/view.php?id=CVE-2017-5521
An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices. They are prone to password disclosure via simple crafted requests to the web management server. The bug is exploitable remotely if the remote management option is set, and can also be exploited given access to the router over LAN or WLAN. When trying to access the web panel, a user is asked to authenticate; if the authentication is canceled and password recovery is not enabled, the user is redirected to a page that exposes a password recovery token. If a user supplies the correct token to the page /passwordrecovered.cgi? • https://www.exploit-db.com/exploits/41205 http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability http://www.securityfocus.com/bid/95457 •
CVSS: 9.3EPSS: 97%CPEs: 22EXPL: 3CVE-2016-6277 – NETGEAR Multiple Routers Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-6277
NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly other routers allow remote attackers to execute arbitrary commands via shell metacharacters in the path info to cgi-bin/. NETGEAR R6250 en versiones anteriores a 1.0.4.6.Beta, R6400 en versiones anteriores a 1.0.1.18.Beta, R6700 en versiones anteriores a 1.0.1.14.Beta, R6900, R7000 en versiones anteriores a 1.0.7.6.Beta, R7100LG en versiones anteriores a 1.0.0.28.Beta, R7300DST en versiones anteriores a 1.0.0.46.Beta, R7900 en versiones anteriores a 1.0.1.8.Beta, R8000 en versiones anteriores a 1.0.3.26.Beta, D6220, D6400, D7000 y posiblemente otros routers permiten a atacantes remotos ejecutar comandos a través de metacaractéres shell en la ruta info a cgi-bin/. Netgear R6400 suffers from a remote code execution vulnerability. NETGEAR confirmed multiple routers allow unauthenticated web pages to pass form input directly to the command-line interface, permitting remote code execution. • https://www.exploit-db.com/exploits/41598 https://www.exploit-db.com/exploits/40889 http://kb.netgear.com/000036386/CVE-2016-582384 http://packetstormsecurity.com/files/155712/Netgear-R6400-Remote-Code-Execution.html http://www.securityfocus.com/bid/94819 http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers https://kalypto.org/research/netgear-vulnerability-expanded https://www.kb.cert.org/vuls/id/582384 • CWE-352: Cross-Site Request Forgery (CSRF) •