Page 2 of 11 results (0.003 seconds)

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a format string vulnerability in a SOAP service that could allow an attacker to execute arbitrary code on the device. • https://tenable.com/security/research/tra-2023-9 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a buffer overflow vulnerability in various CGI mechanisms that could allow an attacker to execute arbitrary code on the device. • https://tenable.com/security/research/tra-2023-9 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 is vulnerable to cross-site request forgery attacks on all endpoints due to improperly implemented CSRF protections. • https://tenable.com/security/research/tra-2023-9 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sharing mechanism that unintentionally allows users with upload permissions to execute arbitrary code on the device. • https://tenable.com/security/research/tra-2023-9 •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1

The default console presented to users over telnet (when enabled) is restricted to a subset of commands. Commands issued at this console, however, appear to be fed directly into a system call or other similar function. This allows any authenticated user to execute arbitrary commands on the device. La consola predeterminada que se presenta a los usuarios a través de telnet (cuando está habilitada) está restringida a un subconjunto de comandos. Sin embargo, los comandos emitidos en esta consola parecen enviarse directamente a una llamada al sistema u otra función similar. • https://www.tenable.com/security/research/tra-2022-37 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •