CVSS: 9.6EPSS: 0%CPEs: 26EXPL: 0CVE-2021-29067
https://notcve.org/view.php?id=CVE-2021-29067
23 Mar 2021 — Certain NETGEAR devices are affected by authentication bypass. This affects RBW30 before 2.6.2.2, RBS40V before 2.6.2.4, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12. Determinados dispositivos NETGEAR están afectados por una omisión de autenticación. Esto afecta a RBW30 version... • https://kb.netgear.com/000063017/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0492 •
CVSS: 9.6EPSS: 0%CPEs: 22EXPL: 0CVE-2021-29071
https://notcve.org/view.php?id=CVE-2021-29071
23 Mar 2021 — Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBR752 before 3.2.17.12, RBR753 before 3.2.17.12, RBR753S before 3.2.17.12, RBR754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12. Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autentificado. Esto afecta a RB... • https://kb.netgear.com/000063008/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0476 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.4EPSS: 0%CPEs: 24EXPL: 0CVE-2021-29074
https://notcve.org/view.php?id=CVE-2021-29074
23 Mar 2021 — Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects RBW30 before 2.6.2.2, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12. Determinados dispositivos NETGEAR están afectados por un desbordamiento del búfer en la región stack ... • https://kb.netgear.com/000063011/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-WiFi-Routers-PSV-2020-0467 • CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 24EXPL: 0CVE-2021-29075
https://notcve.org/view.php?id=CVE-2021-29075
23 Mar 2021 — Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects RBW30 before 2.6.2.2, RBK852 before 3.2.17.12, RBK852 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12. Determinados dispositivos NETGEAR están afectados por un desbordamiento del búfer en la región stack ... • https://kb.netgear.com/000063010/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-WiFi-Systems-PSV-2020-0466 • CWE-787: Out-of-bounds Write •
CVSS: 9.6EPSS: 0%CPEs: 26EXPL: 0CVE-2021-29077
https://notcve.org/view.php?id=CVE-2021-29077
23 Mar 2021 — Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBW30 before 2.6.2.2, RBS40V before 2.6.2.4, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12. Determinados dispositivos NETGEAR están afectados por una inyección de comandos por ... • https://kb.netgear.com/000063016/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0486 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.6EPSS: 0%CPEs: 22EXPL: 0CVE-2021-29078
https://notcve.org/view.php?id=CVE-2021-29078
23 Mar 2021 — Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12. Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afe... • https://kb.netgear.com/000063009/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0511 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.4EPSS: 0%CPEs: 24EXPL: 0CVE-2021-29081
https://notcve.org/view.php?id=CVE-2021-29081
23 Mar 2021 — Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects RBW30 before 2.6.2.2, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12. Determinados dispositivos NETGEAR están afectados por un desbordamiento del búfer en la región ... • https://kb.netgear.com/000063012/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-WiFi-Systems-PSV-2020-0465 • CWE-787: Out-of-bounds Write •
CVSS: 9.6EPSS: 0%CPEs: 26EXPL: 0CVE-2021-29082
https://notcve.org/view.php?id=CVE-2021-29082
23 Mar 2021 — Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBW30 before 2.6.1.4, RBS40V before 2.6.1.4, RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBK754 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBK854 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. Determinados dispositivos NETGEAR están afectados por una divulgación de información confidencial... • https://kb.netgear.com/000063005/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-WiFi-Systems-PSV-2020-0037 •
CVSS: 9.9EPSS: 0%CPEs: 168EXPL: 0CVE-2021-29068
https://notcve.org/view.php?id=CVE-2021-29068
23 Mar 2021 — Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R6700v3 before 1.0.4.98, R6400v2 before 1.0.4.98, R7000 before 1.0.11.106, R6900P before 1.3.2.124, R7000P before 1.3.2.124, R7900 before 1.0.4.26, R7850 before 1.0.5.60, R8000 before 1.0.4.58, RS400 before 1.5.0.48, R6400 before 1.0.1.62, R6700 before 1.0.2.16, R6900 before 1.0.2.16, MK60 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, CBR40 before 2.5.0.10, R8000P before 1.4.1.62, R7960P before... • https://kb.netgear.com/000063021/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0155 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.8EPSS: 1%CPEs: 72EXPL: 0CVE-2021-27239 – NETGEAR Multiple Routers SSDP Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-27239
24 Feb 2021 — This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upnpd service, which listens on UDP port 1900 by default. A crafted MX header field in an SSDP message can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root... • https://kb.netgear.com/000062820/Security-Advisory-for-Stack-based-Buffer-Overflow-Remote-Code-Execution-Vulnerability-on-Some-Routers-PSV-2020-0432 • CWE-121: Stack-based Buffer Overflow •