CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-28337
https://notcve.org/view.php?id=CVE-2023-28337
15 Mar 2023 — When uploading a firmware image to a Netgear Nighthawk Wifi6 Router (RAX30), a hidden “forceFWUpdate” parameter may be provided to force the upgrade to complete and bypass certain validation checks. End users can use this to upload modified, unofficial, and potentially malicious firmware to the device. • https://drupal9.tenable.com/security/research/tra-2023-12 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-28338
https://notcve.org/view.php?id=CVE-2023-28338
15 Mar 2023 — Any request send to a Netgear Nighthawk Wifi6 Router (RAX30)'s web service containing a “Content-Type” of “multipartboundary=” will result in the request body being written to “/tmp/mulipartFile” on the device itself. A sufficiently large file will cause device resources to be exhausted, resulting in the device becoming unusable until it is rebooted. • https://drupal9.tenable.com/security/research/tra-2023-12 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-1327
https://notcve.org/view.php?id=CVE-2023-1327
14 Mar 2023 — Netgear RAX30 (AX2400), prior to version 1.0.6.74, was affected by an authentication bypass vulnerability, allowing an unauthenticated attacker to gain administrative access to the device's web management interface by resetting the admin password. • https://drupal9.tenable.com/security/research/tra-2023-10 • CWE-287: Improper Authentication •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-27851
https://notcve.org/view.php?id=CVE-2023-27851
10 Mar 2023 — NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sharing mechanism that unintentionally allows users with upload permissions to execute arbitrary code on the device. • https://tenable.com/security/research/tra-2023-9 •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-1205
https://notcve.org/view.php?id=CVE-2023-1205
10 Mar 2023 — NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 is vulnerable to cross-site request forgery attacks on all endpoints due to improperly implemented CSRF protections. • https://tenable.com/security/research/tra-2023-9 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-27853
https://notcve.org/view.php?id=CVE-2023-27853
10 Mar 2023 — NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a format string vulnerability in a SOAP service that could allow an attacker to execute arbitrary code on the device. • https://tenable.com/security/research/tra-2023-9 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-27852
https://notcve.org/view.php?id=CVE-2023-27852
10 Mar 2023 — NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a buffer overflow vulnerability in various CGI mechanisms that could allow an attacker to execute arbitrary code on the device. • https://tenable.com/security/research/tra-2023-9 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2023-27850
https://notcve.org/view.php?id=CVE-2023-27850
10 Mar 2023 — NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sharing mechanism that allows users with access to this feature to access arbitrary files on the device. • https://tenable.com/security/research/tra-2023-9 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-43654 – NETGEAR CAX30S SSO Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-43654
07 Mar 2023 — NETGEAR CAX30S SSO Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR CAX30S routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the token parameter provided to the sso.php endpoint. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. • https://kb.netgear.com/000065527/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Cable-Modem-Routers-PSV-2022-0208 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2023-0850 – Netgear WNDR3700v2 Web Interface denial of service
https://notcve.org/view.php?id=CVE-2023-0850
15 Feb 2023 — A vulnerability was found in Netgear WNDR3700v2 1.0.1.14 and classified as problematic. This issue affects some unknown processing of the component Web Interface. The manipulation leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?ctiid.221153 • CWE-404: Improper Resource Shutdown or Release •