CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-50089
https://notcve.org/view.php?id=CVE-2023-50089
15 Dec 2023 — A Command Injection vulnerability exists in NETGEAR WNR2000v4 version 1.0.0.70. When using HTTP for SOAP authentication, command execution occurs during the process after successful authentication. Existe una vulnerabilidad de inyección de comandos en NETGEAR WNR2000v4 versión 1.0.0.70. Cuando se utiliza HTTP para la autenticación SOAP, la ejecución del comando se produce durante el proceso después de una autenticación exitosa. • https://github.com/NoneShell/Vulnerabilities/blob/main/NETGEAR/WNR2000v4-1.0.0.70-Authorized-Command-Injection.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-49007
https://notcve.org/view.php?id=CVE-2023-49007
08 Dec 2023 — In Netgear Orbi RBR750 firmware before V7.2.6.21, there is a stack-based buffer overflow in /usr/sbin/httpd. En el firmware Netgear Orbi RBR750 anterior a V7.2.6.21, hay un desbordamiento del búfer basado en pila en /usr/sbin/httpd. • https://github.com/5erua/netgear_orbi_overflow_vulnerability/blob/main/README.md • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-49694 – NETGEAR ProSAFE Network Management System Privilege Escalation Via MySQL Server
https://notcve.org/view.php?id=CVE-2023-49694
29 Nov 2023 — A low-privileged OS user with access to a Windows host where NETGEAR ProSAFE Network Management System is installed can create arbitrary JSP files in a Tomcat web application directory. The user can then execute the JSP files under the security context of SYSTEM. Un usuario de sistema operativo con pocos privilegios y acceso a un host de Windows donde está instalado NETGEAR ProSAFE Network Management System puede crear archivos JSP arbitrarios en un directorio de aplicación web Tomcat. Luego, el usuario pue... • https://kb.netgear.com/000065885/Security-Advisory-for-Vertical-Privilege-Escalation-on-the-NMS300-PSV-2023-0127 • CWE-284: Improper Access Control •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-49693 – NETGEAR ProSAFE Network Management System RCE via Unprotected Access to Java Debug Wire Protocol
https://notcve.org/view.php?id=CVE-2023-49693
29 Nov 2023 — NETGEAR ProSAFE Network Management System has Java Debug Wire Protocol (JDWP) listening on port 11611 and it is remotely accessible by unauthenticated users, allowing attackers to execute arbitrary code. NETGEAR ProSAFE Network Management System tiene Java Debug Wire Protocol (JDWP) escuchando en el puerto 11611 y usuarios no autenticados pueden acceder a él de forma remota, lo que permite a los atacantes ejecutar código arbitrario. • https://kb.netgear.com/000065886/Security-Advisory-for-Sensitive-Information-Disclosure-on-the-NMS300-PSV-2023-0126 • CWE-306: Missing Authentication for Critical Function •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-44449 – NETGEAR ProSAFE Network Management System clearAlertByIds SQL Injection Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-44449
20 Nov 2023 — NETGEAR ProSAFE Network Management System clearAlertByIds SQL Injection Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this vulnerability. The specific flaw exists within the clearAlertByIds function. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. • https://kb.netgear.com/000065866/Security-Advisory-for-Multiple-Vulnerabilities-on-the-NMS300-PSV-2023-0114-PSV-2023-0115 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-44450 – NETGEAR ProSAFE Network Management System getNodesByTopologyMapSearch SQL Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-44450
20 Nov 2023 — NETGEAR ProSAFE Network Management System getNodesByTopologyMapSearch SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this vulnerability. The specific flaw exists within the getNodesByTopologyMapSearch function. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL querie... • https://kb.netgear.com/000065866/Security-Advisory-for-Multiple-Vulnerabilities-on-the-NMS300-PSV-2023-0114-PSV-2023-0115 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-44445 – NETGEAR CAX30 SSO Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-44445
14 Nov 2023 — NETGEAR CAX30 SSO Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR CAX30 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the sso binary. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. • https://kb.netgear.com/000065859/Security-Advisory-for-Pre-authentication-Buffer-Overflow-on-the-CAX30-PSV-2023-0093 • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 30EXPL: 0CVE-2023-36187
https://notcve.org/view.php?id=CVE-2023-36187
01 Sep 2023 — Buffer Overflow vulnerability in NETGEAR R6400v2 before version 1.0.4.118, allows remote unauthenticated attackers to execute arbitrary code via crafted URL to httpd. Una vulnerabilidad de desbordamiento de búfer en NETGEAR R6400v2 antes de la versión 1.0.4.118, permite a atacantes remotos no autenticados ejecutar código arbitrario a través de una URL manipulada para httpd. • https://kb.netgear.com/000065571/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2020-0578 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-41183 – NETGEAR Orbi 760 SOAP API Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-41183
30 Aug 2023 — NETGEAR Orbi 760 SOAP API Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR Orbi 760 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the SOAP API. The issue results from the lack of authentication prior to allowing access to functionality. • https://kb.netgear.com/000065734/Security-Advisory-for-Authentication-Bypass-on-the-RBR760-PSV-2023-0052 • CWE-306: Missing Authentication for Critical Function •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-41182 – NETGEAR ProSAFE Network Management System ZipUtils Directory Traversal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-41182
30 Aug 2023 — NETGEAR ProSAFE Network Management System ZipUtils Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the ZipUtils class. The issue results from the lack of proper validation of a user-supplied path prior to usi... • https://kb.netgear.com/000065705/Security-Advisory-for-Post-authentication-Command-Injection-on-the-Prosafe-Network-Management-System-PSV-2023-0037 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •