CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-27358 – NETGEAR RAX30 SOAP Request SQL Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-27358
01 May 2023 — NETGEAR RAX30 SOAP Request SQL Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of specific SOAP requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. • https://kb.netgear.com/000065617/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-PSV-2022-0349 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.7EPSS: 0%CPEs: 2EXPL: 0CVE-2023-27370 – NETGEAR RAX30 Device Configuration Cleartext Storage Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-27370
01 May 2023 — NETGEAR RAX30 Device Configuration Cleartext Storage Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR RAX30 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of device configuration. The issue results from the storage of configuration secrets in plaintext. • https://kb.netgear.com/000065619/Security-Advisory-for-Multiple-Vulnerabilities-on-the-RAX30-PSV-2022-0348 • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 8.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-27367 – NETGEAR RAX30 libcms_cli Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-27367
01 May 2023 — NETGEAR RAX30 libcms_cli Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the libcms_cli module. The issue results from the lack of proper validation of a user-supplied command before using it to execute a system call. • https://kb.netgear.com/000065619/Security-Advisory-for-Multiple-Vulnerabilities-on-the-RAX30-PSV-2022-0348 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-27356 – NETGEAR RAX30 logCtrl Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-27356
01 May 2023 — NETGEAR RAX30 logCtrl Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the logCtrl action. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. • https://kb.netgear.com/000065618/Security-Advisory-for-Post-authentication-Command-Injection-on-Some-Routers-PSV-2022-0350 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27360 – NETGEAR RAX30 lighttpd Misconfiguration Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-27360
01 May 2023 — NETGEAR RAX30 lighttpd Misconfiguration Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the lighttpd HTTP server. The issue results from allowing execution of files from untrusted sources. • https://kb.netgear.com/000065559/Security-Advisory-for-Multiple-Vulnerabilities-on-the-RAX30-PSV-2022-0352 • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27361 – NETGEAR RAX30 rex_cgi JSON Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-27361
01 May 2023 — NETGEAR RAX30 rex_cgi JSON Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of JSON data. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. • https://kb.netgear.com/000065625/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-the-RAX30-PSV-2022-0302 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-27368 – NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-27368
01 May 2023 — NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the soap_serverd binary. When parsing SOAP message headers, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. • https://kb.netgear.com/000065619/Security-Advisory-for-Multiple-Vulnerabilities-on-the-RAX30-PSV-2022-0348 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-27369 – NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-27369
01 May 2023 — NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30. Authentication is not required to exploit this vulnerability. The specific flaw exists within the soap_serverd binary. When parsing the request headers, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. • https://kb.netgear.com/000065619/Security-Advisory-for-Multiple-Vulnerabilities-on-the-RAX30-PSV-2022-0348 • CWE-121: Stack-based Buffer Overflow •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 1CVE-2023-2396 – Netgear SRX5308 Web Management Interface cross site scripting
https://notcve.org/view.php?id=CVE-2023-2396
28 Apr 2023 — A vulnerability classified as problematic was found in Netgear SRX5308 up to 4.3.5-3. This vulnerability affects unknown code of the component Web Management Interface. The manipulation of the argument USERDBUsers.Password leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/16 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 1CVE-2023-2395 – Netgear SRX5308 Web Management Interface cross site scripting
https://notcve.org/view.php?id=CVE-2023-2395
28 Apr 2023 — A vulnerability classified as problematic has been found in Netgear SRX5308 up to 4.3.5-3. This affects an unknown part of the component Web Management Interface. The manipulation of the argument Login.userAgent leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/15 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •