CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38102 – NETGEAR ProSAFE Network Management System createUser Missing Authorization Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-38102
13 Jul 2023 — NETGEAR ProSAFE Network Management System createUser Missing Authorization Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the createUser function. The issue results from the lack of authorization prior to allowing access to functio... • https://kb.netgear.com/000065707/Security-Advisory-for-Multiple-Vulnerabilities-on-the-ProSAFE-Network-Management-System-PSV-2023-0024-PSV-2023-0025 • CWE-862: Missing Authorization •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-35721 – NETGEAR Multiple Routers curl_post Improper Certificate Validation Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-35721
30 Jun 2023 — NETGEAR Multiple Routers curl_post Improper Certificate Validation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the update functionality, which operates over HTTPS. The issue results from the lack of proper validation of the certificate presented by the server. • https://kb.netgear.com/000065668/Security-Advisory-for-Improper-Remote-Server-Certificate-Validation-on-the-RAX50-PSV-2023-0019 • CWE-295: Improper Certificate Validation •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-35722 – NETGEAR RAX30 UPnP Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-35722
30 Jun 2023 — NETGEAR RAX30 UPnP Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of UPnP port mapping requests. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. • https://kb.netgear.com/000065699/Security-Advisory-for-Pre-Authentication-Command-Injection-on-the-RAX30-PSV-2023-0046 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-34563
https://notcve.org/view.php?id=CVE-2023-34563
20 Jun 2023 — netgear R6250 Firmware Version 1.0.4.48 is vulnerable to Buffer Overflow after authentication. • https://github.com/D2y6p/CVE/blob/main/Netgear/CVE-2023-34563/EN.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-34284 – NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-34284
08 Jun 2023 — NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the system configuration. The system contains a hardcoded user account which can be used to access the CLI service as a low-privileged user. • https://kb.netgear.com/000065650/Security-Advisory-for-Multiple-Vulnerabilities-on-the-RAX30-PSV-2023-0003-PSV-2023-0004?article=000065650 • CWE-798: Use of Hard-coded Credentials •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2023-34283 – NETGEAR RAX30 USB Share Link Following Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-34283
08 Jun 2023 — NETGEAR RAX30 USB Share Link Following Information Disclosure Vulnerability. This vulnerability allows physically present attackers to disclose sensitive information on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of symbolic links on removable USB media. By creating a symbolic link, an attacker can abuse the router's web server to access arbitrary local files. • https://kb.netgear.com/000065650/Security-Advisory-for-Multiple-Vulnerabilities-on-the-RAX30-PSV-2023-0003-PSV-2023-0004?article=000065650 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-34285 – NETGEAR RAX30 cmsCli_authenticate Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-34285
08 Jun 2023 — NETGEAR RAX30 cmsCli_authenticate Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within a shared library used by the telnetd service, which listens on TCP port 23 by default. The issue results from the lack of proper validation of the length of user-supplied data prior to cop... • https://kb.netgear.com/000065696/RAX30-Firmware-Version-1-0-11-96-Hot-Fix • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-33532
https://notcve.org/view.php?id=CVE-2023-33532
06 Jun 2023 — There is a command injection vulnerability in the Netgear R6250 router with Firmware Version 1.0.4.48. If an attacker gains web management privileges, they can inject commands into the post request parameters, thereby gaining shell privileges. • http://netgear.com • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 8EXPL: 1CVE-2023-33533
https://notcve.org/view.php?id=CVE-2023-33533
06 Jun 2023 — Netgear D6220 with Firmware Version 1.0.0.80, D8500 with Firmware Version 1.0.3.60, R6700 with Firmware Version 1.0.2.26, and R6900 with Firmware Version 1.0.2.26 are vulnerable to Command Injection. If an attacker gains web management privileges, they can inject commands into the post request parameters, gaining shell privileges. • https://github.com/D2y6p/CVE/blob/main/Netgear/CVE-2023-33533/Netgear_RCE.pdf • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-27357 – NETGEAR RAX30 GetInfo Missing Authentication Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-27357
01 May 2023 — NETGEAR RAX30 GetInfo Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SOAP requests. The issue results from the lack of authentication prior to allowing access to functionality. • https://kb.netgear.com/000065619/Security-Advisory-for-Multiple-Vulnerabilities-on-the-RAX30-PSV-2022-0348 • CWE-306: Missing Authentication for Critical Function •