CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 1CVE-2023-33533
https://notcve.org/view.php?id=CVE-2023-33533
Netgear D6220 with Firmware Version 1.0.0.80, D8500 with Firmware Version 1.0.3.60, R6700 with Firmware Version 1.0.2.26, and R6900 with Firmware Version 1.0.2.26 are vulnerable to Command Injection. If an attacker gains web management privileges, they can inject commands into the post request parameters, gaining shell privileges. • https://github.com/D2y6p/CVE/blob/main/Netgear/CVE-2023-33533/Netgear_RCE.pdf https://www.netgear.com/about/security • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-30280
https://notcve.org/view.php?id=CVE-2023-30280
Buffer Overflow vulnerability found in Netgear R6900 v.1.0.2.26, R6700v3 v.1.0.4.128, R6700 v.1.0.0.26 allows a remote attacker to execute arbitrary code and cause a denial ofservice via the getInputData parameter of the fwSchedule.cgi page. • https://github.com https://www.netgear.com/about/security • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.3EPSS: 0%CPEs: 10EXPL: 1CVE-2021-44261
https://notcve.org/view.php?id=CVE-2021-44261
A vulnerability is in the 'BRS_top.html' page of the Netgear W104, version WAC104-V1.0.4.13, which can allow a remote attacker to access this page without any authentication. When processed, it exposes firmware version information for the device. Se presenta una vulnerabilidad en la página "BRS_top.html" del Netgear W104, versión WAC104-V1.0.4.13, que puede permitir a un atacante remoto acceder a esta página sin ninguna autenticación. Cuando es procesado, expone la información de la versión del firmware del dispositivo • https://github.com/zer0yu/CVE_Request/blob/master/netgear/Netgear_W104_unauthorized_access_vulnerability_first.md https://www.netgear.com/about/security • CWE-306: Missing Authentication for Critical Function •
CVSS: 8.8EPSS: 0%CPEs: 30EXPL: 0CVE-2021-45525
https://notcve.org/view.php?id=CVE-2021-45525
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects EX7000 before 1.0.1.80, R6400 before 1.0.1.50, R6400v2 before 1.0.4.118, R6700 before 1.0.2.8, R6700v3 before 1.0.4.118, R6900 before 1.0.2.8, R6900P before 1.3.2.124, R7000 before 1.0.9.88, R7000P before 1.3.2.124, R7900 before 1.0.3.18, R7900P before 1.4.1.50, R8000 before 1.0.4.46, R8000P before 1.4.1.50, RAX80 before 1.0.1.56, and WNR3500Lv2 before 1.2.0.62. Determinados dispositivos NETGEAR están afectados por un desbordamiento del búfer por parte de un usuario autenticado. Esto afecta a EX7000 versiones anteriores a 1.0.1.80, a R6400 versiones anteriores a 1.0.1.50, a R6400v2 versiones anteriores a 1.0.4.118, a R6700 versiones anteriores a 1.0.2.8, a R6700v3 versiones anteriores a 1.0.4.118, a R6900 versiones anteriores a 1.0.2.8, a R6900P versiones anteriores a 1.3.2.124, a R7000 versiones anteriores a 1.0.9.88, a R775 versiones anteriores a 1.0.3.88. 0.9.88, R7000P versiones anteriores a 1.3.2.124, R7900 versiones anteriores a 1.0.3.18, R7900P versiones anteriores a 1.4.1.50, R8000 versiones anteriores a 1.0.4.46, R8000P versiones anteriores a 1.4.1.50, RAX80 versiones anteriores a 1.0.1.56 y WNR3500Lv2 versiones anteriores a 1.2.0.62 • https://kb.netgear.com/000064052/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-and-Extenders-PSV-2018-0618 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.1EPSS: 0%CPEs: 22EXPL: 0CVE-2021-45528
https://notcve.org/view.php?id=CVE-2021-45528
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R6300v2 before 1.0.4.52, R6400 before 1.0.1.52, R6900 before 1.0.2.8, R7000 before 1.0.9.88, R7900 before 1.0.3.18, R8000 before 1.0.4.46, R7900P before 1.4.1.50, R8000P before 1.4.1.50, RAX75 before 1.0.3.88, RAX80 before 1.0.3.88, and WNR3500Lv2 before 1.2.0.62. Determinados dispositivos NETGEAR están afectados por un desbordamiento del búfer por parte de un usuario autenticado. Esto afecta a R6300v2 versiones anteriores a 1.0.4.52, a R6400 versiones anteriores a 1.0.1.52, a R6900 versiones anteriores a 1.0.2.8, a R7000 versiones anteriores a 1.0.9.88, a R7900 versiones anteriores a 1.0.3.18, a R8000 versiones anteriores a 1. 0.4.46, R7900P versiones anteriores a 1.4.1.50, R8000P versiones anteriores a 1.4.1.50, RAX75 versiones anteriores a 1.0.3.88, RAX80 versiones anteriores a 1.0.3.88 y WNR3500Lv2 versiones anteriores a 1.2.0.62 • https://kb.netgear.com/000064057/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2019-0069 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •