Filtered by vendor Netgear Subscriptions
Total 1208 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-52013 1 Netgear 4 R6400 Firmware, R7000p Firmware, R8500 Firmware and 1 more 2024-11-05 5.7 Medium
Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at wiz_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51022 1 Netgear 1 Xr300 Firmware 2024-11-05 5.7 Medium
Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the ssid parameter in bridge_wireless_main.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51021 1 Netgear 3 R6400 Firmware, R7000p Firmware, Xr300 Firmware 2024-11-05 8 High
Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a command injection vulnerability via the wan_gateway parameter at genie_fix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.
CVE-2024-51020 1 Netgear 1 R7000p Firmware 2024-11-05 5.7 Medium
Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the apn parameter at usbISP_detail_edit.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51019 1 Netgear 1 R7000p Firmware 2024-11-05 5.7 Medium
Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pppoe_localnetmask parameter at pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51018 1 Netgear 1 R7000p Firmware 2024-11-05 5.7 Medium
Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptp_user_netmask parameter at pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51017 1 Netgear 1 R7000p Firmware 2024-11-05 5.7 Medium
Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the l2tp_user_netmask parameter at l2tp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51016 1 Netgear 1 Xr300 Firmware 2024-11-05 5.7 Medium
Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the addName%d parameter in usb_approve.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51015 1 Netgear 1 R7000p Firmware 2024-11-05 5.7 Medium
Netgear R7000P v1.3.3.154 was discovered to contain a command injection vulnerability via the device_name2 parameter at operation_mode.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.
CVE-2024-51014 1 Netgear 1 Xr300 Firmware 2024-11-05 5.7 Medium
Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the ssid_an parameter in bridge_wireless_main.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51013 1 Netgear 1 R7000p Firmware 2024-11-05 5.7 Medium
Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the RADIUSAddr%d_wla parameter at wireless.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51012 1 Netgear 1 R8500 Firmware 2024-11-05 5.7 Medium
Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the ipv6_pri_dns parameter at ipv6_fix.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51011 1 Netgear 3 R6400 Firmware, R7000p Firmware, Xr300 Firmware 2024-11-05 5.7 Medium
Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51010 1 Netgear 4 R6400 Firmware, R7000p Firmware, R8500 Firmware and 1 more 2024-11-05 8 High
Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a command injection vulnerability in the component ap_mode.cgi via the apmode_gateway parameter. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.
CVE-2024-51009 1 Netgear 1 R8500 Firmware 2024-11-05 8 High
Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at ether.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.
CVE-2024-51008 1 Netgear 1 Xr300 Firmware 2024-11-05 8 High
Netgear XR300 v1.0.3.78 was discovered to contain a command injection vulnerability in the system_name parameter at wiz_dyn.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.
CVE-2024-51007 1 Netgear 1 Xr300 Firmware 2024-11-05 5.7 Medium
Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the passphrase parameter at wireless.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51006 1 Netgear 1 R8500 Firmware 2024-11-05 5.7 Medium
Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the ipv6_static_ip parameter in the ipv6_tunnel function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51005 1 Netgear 1 R8500 Firmware 2024-11-05 8 High
Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the share_name parameter at usb_remote_smb_conf.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.
CVE-2024-51004 1 Netgear 2 R7000p Firmware, R8500 Firmware 2024-11-05 5.7 Medium
Netgear R8500 v1.0.2.160 and R7000P v1.3.3.154 were discovered to multiple stack overflow vulnerabilities in the component usb_device.cgi via the cifs_user, read_access, and write_access parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request.