CVSS: 7.7EPSS: 0%CPEs: 38EXPL: 0CVE-2020-27867 – NETGEAR Multiple Routers mini_httpd Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-27867
21 Dec 2020 — This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the mini_httpd service, which listens on TCP port 80 by default. When parsing the funjsq_access_token paramet... • https://kb.netgear.com/000062641/Security-Advisory-for-Password-Recovery-Vulnerabilities-on-Some-Routers • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 38EXPL: 0CVE-2020-27866 – NETGEAR Multiple Routers mini_httpd Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2020-27866
18 Dec 2020 — This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the mini_httpd service, which listens on TCP port 80 by default. The issue results from incorrect string matching logic when accessing protected pages. An attacker can le... • https://kb.netgear.com/000062641/Security-Advisory-for-Password-Recovery-Vulnerabilities-on-Some-Routers • CWE-287: Improper Authentication CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 8.8EPSS: 0%CPEs: 71EXPL: 0CVE-2020-27861 – NETGEAR Orbi UA_Parser Host Name Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-27861
15 Dec 2020 — This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Orbi 2.5.1.16 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UA_Parser utility. A crafted Host Name option in a DHCP request can trigger execution of a system call composed from a user-supplied string. An attacker can leverage this vulnerability to execute code in the context of root. • https://kb.netgear.com/000062507/Security-Advisory-for-Unauthenticated-Command-Injection-Vulnerability-on-Some-Extenders-and-Orbi-WiFi-Systems • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-5641
https://notcve.org/view.php?id=CVE-2020-5641
24 Nov 2020 — Cross-site request forgery (CSRF) vulnerability in GS108Ev3 firmware version 2.06.10 and earlier allows remote attackers to hijack the authentication of administrators and the product's settings may be changed without the user's intention or consent via unspecified vectors. Una vulnerabilidad de tipo cross-site request forgery (CSRF) en el firmware GS108E versiones v3 2.06.10 y anteriores, permite a atacantes remotos secuestrar la autenticación de los administradores y la configuración del producto puede ca... • https://jvn.jp/en/jp/JVN27806339/index.html • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 0%CPEs: 26EXPL: 0CVE-2020-28373
https://notcve.org/view.php?id=CVE-2020-28373
09 Nov 2020 — upnpd on certain NETGEAR devices allows remote (LAN) attackers to execute arbitrary code via a stack-based buffer overflow. This affects R6400v2 V1.0.4.102_10.0.75, R6400 V1.0.1.62_1.0.41, R7000P V1.3.2.126_10.1.66, XR300 V1.0.3.50_10.3.36, R8000 V1.0.4.62, R8300 V1.0.2.136, R8500 V1.0.2.136, R7300DST V1.0.0.74, R7850 V1.0.5.64, R7900 V1.0.4.30, RAX20 V1.0.2.64, RAX80 V1.0.3.102, and R6250 V1.0.4.44. upnpd en determinados dispositivos NETGEAR permite a atacantes remotos (LAN) ejecutar código arbitrario por ... • https://github.com/cpeggg/Netgear-upnpd-poc • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 10%CPEs: 2EXPL: 3CVE-2020-28041
https://notcve.org/view.php?id=CVE-2020-28041
01 Nov 2020 — The SIP ALG implementation on NETGEAR Nighthawk R7000 1.0.9.64_10.2.64 devices allows remote attackers to communicate with arbitrary TCP and UDP services on a victim's intranet machine, if the victim visits an attacker-controlled web site with a modern browser, aka NAT Slipstreaming. This occurs because the ALG takes action based on an IP packet with an initial REGISTER substring in the TCP data, and the correct intranet IP address in the subsequent Via header, without properly considering that connection p... • https://github.com/samyk/slipstream • CWE-276: Incorrect Default Permissions •
CVSS: 9.6EPSS: 0%CPEs: 14EXPL: 0CVE-2020-26897
https://notcve.org/view.php?id=CVE-2020-26897
09 Oct 2020 — Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11. Determinados dispositivos NETGEAR, están afectados por una divulgación de credenciales administrativas. Esto afecta a CBR40 versiones anteriores a 2.5.0.10, RBK752 versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.... • https://kb.netgear.com/000062357/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0045 •
CVSS: 9.6EPSS: 0%CPEs: 2EXPL: 0CVE-2020-26898
https://notcve.org/view.php?id=CVE-2020-26898
09 Oct 2020 — NETGEAR RAX40 devices before 1.0.3.80 are affected by incorrect configuration of security settings. Los dispositivos NETGEAR RAX40 versiones anteriores a 1.0.3.80, están afectados por una configuración incorrecta de los ajustes de seguridad • https://kb.netgear.com/000062356/Security-Advisory-for-Security-Misconfiguration-on-RAX40-PSV-2019-0267 •
CVSS: 9.6EPSS: 0%CPEs: 14EXPL: 0CVE-2020-26899
https://notcve.org/view.php?id=CVE-2020-26899
09 Oct 2020 — Certain NETGEAR devices are affected by disclosure of sensitive information. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11. Determinados dispositivos NETGEAR, están afectados por una divulgación de información confidencial. Esto afecta a CBR40 versiones anteriores a 2.5.0.10, RBK752 versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBS75... • https://kb.netgear.com/000062355/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-WiFi-Systems-PSV-2020-0030 •
CVSS: 9.6EPSS: 0%CPEs: 14EXPL: 0CVE-2020-26900
https://notcve.org/view.php?id=CVE-2020-26900
09 Oct 2020 — Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. Determinados dispositivos NETGEAR, están afectados por una divulgación de credenciales administrativas. Esto afecta a CBR40 versiones anteriores a 2.5.0.10, RBK752 versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.... • https://kb.netgear.com/000062354/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0032 •