CVE-2023-27850
https://notcve.org/view.php?id=CVE-2023-27850
NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sharing mechanism that allows users with access to this feature to access arbitrary files on the device. • https://tenable.com/security/research/tra-2023-9 •
CVE-2023-27853
https://notcve.org/view.php?id=CVE-2023-27853
NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a format string vulnerability in a SOAP service that could allow an attacker to execute arbitrary code on the device. • https://tenable.com/security/research/tra-2023-9 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2023-27852
https://notcve.org/view.php?id=CVE-2023-27852
NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a buffer overflow vulnerability in various CGI mechanisms that could allow an attacker to execute arbitrary code on the device. • https://tenable.com/security/research/tra-2023-9 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2023-1205
https://notcve.org/view.php?id=CVE-2023-1205
NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 is vulnerable to cross-site request forgery attacks on all endpoints due to improperly implemented CSRF protections. • https://tenable.com/security/research/tra-2023-9 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2023-27851
https://notcve.org/view.php?id=CVE-2023-27851
NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sharing mechanism that unintentionally allows users with upload permissions to execute arbitrary code on the device. • https://tenable.com/security/research/tra-2023-9 •