CVSS: 10.0EPSS: 15%CPEs: 2EXPL: 1CVE-2023-34563
https://notcve.org/view.php?id=CVE-2023-34563
20 Jun 2023 — netgear R6250 Firmware Version 1.0.4.48 is vulnerable to Buffer Overflow after authentication. • https://github.com/D2y6p/CVE/blob/main/Netgear/CVE-2023-34563/EN.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 30%CPEs: 2EXPL: 1CVE-2023-33532
https://notcve.org/view.php?id=CVE-2023-33532
06 Jun 2023 — There is a command injection vulnerability in the Netgear R6250 router with Firmware Version 1.0.4.48. If an attacker gains web management privileges, they can inject commands into the post request parameters, thereby gaining shell privileges. • http://netgear.com • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 120EXPL: 0CVE-2016-11059
https://notcve.org/view.php?id=CVE-2016-11059
28 Apr 2020 — Certain NETGEAR devices are affected by password exposure. This affects AC1450 before 2017-01-06, C6300 before 2017-01-06, D500 before 2017-01-06, D1500 before 2017-01-06, D3600 before 2017-01-06, D6000 before 2017-01-06, D6100 before 2017-01-06, D6200 before 2017-01-06, D6200B before 2017-01-06, D6300B before 2017-01-06, D6300 before 2017-01-06, DGN1000v3 before 2017-01-06, DGN2200v1 before 2017-01-06, DGN2200v3 before 2017-01-06, DGN2200V4 before 2017-01-06, DGN2200Bv3 before 2017-01-06, DGN2200Bv4 before... • https://kb.netgear.com/27253/NETGEAR-Product-Vulnerability-Advisory-Authentication-Bypass-and-Information-Disclosure-on-Home-Routers • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •