Shodan
Vulnerabilities
Vulnerable Software
Netgear:  Security Vulnerabilities
CVE-2023-38591
Netgear DG834Gv5 1.6.01.34 was discovered to contain multiple buffer overflows via the wla_ssid and wla_temp_ssid parameters at bsw_ssid.cgi.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-08-07
CVE-2023-38921
Netgear WG302v2 v5.2.9 and WAG302v2 v5.1.19 were discovered to contain multiple command injection vulnerabilities in the upgrade_handler function via the firmwareRestore and firmwareServerip parameters.
CVSS Score
8.8
EPSS Score
0.019
Published
2023-08-07
CVE-2023-38922
Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the http_passwd and http_username parameters in the update_auth function.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-08-07
CVE-2023-38924
Netgear DGN3500 1.1.00.37 was discovered to contain a buffer overflow via the http_password parameter at setup.cgi.
CVSS Score
6.5
EPSS Score
0.003
Published
2023-08-07
CVE-2023-38925
Netgear DC112A 1.0.0.64, EX6200 1.0.3.94 and R6300v2 1.0.4.8 were discovered to contain a buffer overflow via the http_passwd parameter in password.cgi.
CVSS Score
8.8
EPSS Score
0.216
Published
2023-08-07
CVE-2023-38926
Netgear EX6200 v1.0.3.94 was discovered to contain a buffer overflow via the wla_temp_ssid parameter at acosNvramConfig_set.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-08-07
CVE-2023-38928
Netgear R7100LG 1.0.0.78 was discovered to contain a command injection vulnerability via the password parameter at usb_remote_invite.cgi.
CVSS Score
9.8
EPSS Score
0.016
Published
2023-08-07
CVE-2023-34563
netgear R6250 Firmware Version 1.0.4.48 is vulnerable to Buffer Overflow after authentication.
CVSS Score
9.8
EPSS Score
0.185
Published
2023-06-20
CVE-2023-33532
There is a command injection vulnerability in the Netgear R6250 router with Firmware Version 1.0.4.48. If an attacker gains web management privileges, they can inject commands into the post request parameters, thereby gaining shell privileges.
CVSS Score
9.8
EPSS Score
0.303
Published
2023-06-06
CVE-2023-33533
Netgear D6220 with Firmware Version 1.0.0.80, D8500 with Firmware Version 1.0.3.60, R6700 with Firmware Version 1.0.2.26, and R6900 with Firmware Version 1.0.2.26 are vulnerable to Command Injection. If an attacker gains web management privileges, they can inject commands into the post request parameters, gaining shell privileges.
CVSS Score
8.8
EPSS Score
0.053
Published
2023-06-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved