CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-51634 – NETGEAR RAX30 Improper Certificate Validation Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-51634
NETGEAR RAX30 Improper Certificate Validation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloading of files via HTTPS. The issue results from the lack of proper validation of the certificate presented by the server. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. • https://kb.netgear.com/000065928/Security-Advisory-for-Multiple-Vulnerabilities-on-the-RAX30-PSV-2023-0139 https://www.zerodayinitiative.com/advisories/ZDI-24-583 • CWE-295: Improper Certificate Validation •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-51635 – NETGEAR RAX30 fing_dil Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-51635
NETGEAR RAX30 fing_dil Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within fing_dil service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. • https://kb.netgear.com/000065928/Security-Advisory-for-Multiple-Vulnerabilities-on-the-RAX30-PSV-2023-0139 https://www.zerodayinitiative.com/advisories/ZDI-24-584 • CWE-121: Stack-based Buffer Overflow •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-4235 – Netgear DG834Gv5 Web Management Interface cleartext storage
https://notcve.org/view.php?id=CVE-2024-4235
A vulnerability classified as problematic was found in Netgear DG834Gv5 1.6.01.34. This vulnerability affects unknown code of the component Web Management Interface. The manipulation leads to cleartext storage of sensitive information. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://netsecfish.notion.site/Netgear-DG834Gv5-Plain-Text-Credentials-Exposure-22e94fe066014490bebd349775d10b27?pvs=4 https://vuldb.com/?ctiid.262126 https://vuldb.com/?id.262126 https://vuldb.com/?submit.319148 • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2023-48725
https://notcve.org/view.php?id=CVE-2023-48725
A stack-based buffer overflow vulnerability exists in the JSON Parsing getblockschedule() functionality of Netgear RAX30 1.0.11.96 and 1.0.7.78. A specially crafted HTTP request can lead to code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. Existe una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria en la funcionalidad getblockschedule() de JSON Parsing de Netgear RAX30 1.0.11.96 y 1.0.7.78. Una solicitud HTTP especialmente manipulada puede provocar la ejecución de código. • https://kb.netgear.com/000066037/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-the-RAX30-PSV-2023-0160 https://talosintelligence.com/vulnerability_reports/TALOS-2023-1887 • CWE-121: Stack-based Buffer Overflow •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2024-1431 – Netgear R7000 Web Management Interface debuginfo.htm information disclosure
https://notcve.org/view.php?id=CVE-2024-1431
A vulnerability was found in Netgear R7000 1.0.11.136_10.2.120 and classified as problematic. Affected by this issue is some unknown functionality of the file /debuginfo.htm of the component Web Management Interface. The manipulation leads to information disclosure. The exploit has been disclosed to the public and may be used. VDB-253382 is the identifier assigned to this vulnerability. • https://github.com/leetsun/Hints/tree/main/R7000/2 https://vuldb.com/?ctiid.253382 https://vuldb.com/?id.253382 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •