Netgear: Security Vulnerabilities
Netgear XR300 v1.0.3.78 was discovered to contain multiple buffer overflows via the wla_ssid and wlg_ssid parameters at genie_ap_wifi_change.cgi.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-08-07
Netgear R6900P v1.3.3.154 was discovered to contain multiple buffer overflows via the wla_ssid and wlg_ssid parameters at ia_ap_setting.cgi.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-08-07
Netgear DG834Gv5 1.6.01.34 was discovered to contain multiple buffer overflows via the wla_ssid and wla_temp_ssid parameters at bsw_ssid.cgi.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-08-07
Netgear WG302v2 v5.2.9 and WAG302v2 v5.1.19 were discovered to contain multiple command injection vulnerabilities in the upgrade_handler function via the firmwareRestore and firmwareServerip parameters.
CVSS Score
8.8
EPSS Score
0.019
Published
2023-08-07
Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the http_passwd and http_username parameters in the update_auth function.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-08-07
Netgear DGN3500 1.1.00.37 was discovered to contain a buffer overflow via the http_password parameter at setup.cgi.
CVSS Score
6.5
EPSS Score
0.003
Published
2023-08-07
Netgear DC112A 1.0.0.64, EX6200 1.0.3.94 and R6300v2 1.0.4.8 were discovered to contain a buffer overflow via the http_passwd parameter in password.cgi.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-08-07
Netgear EX6200 v1.0.3.94 was discovered to contain a buffer overflow via the wla_temp_ssid parameter at acosNvramConfig_set.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-08-07
Netgear R7100LG 1.0.0.78 was discovered to contain a command injection vulnerability via the password parameter at usb_remote_invite.cgi.
CVSS Score
9.8
EPSS Score
0.016
Published
2023-08-07
netgear R6250 Firmware Version 1.0.4.48 is vulnerable to Buffer Overflow after authentication.
CVSS Score
9.8
EPSS Score
0.185
Published
2023-06-20