Shodan
Vulnerabilities
Vulnerable Software
Netgear:  Security Vulnerabilities
CVE-2023-49694
A low-privileged OS user with access to a Windows host where NETGEAR ProSAFE Network Management System is installed can create arbitrary JSP files in a Tomcat web application directory. The user can then execute the JSP files under the security context of SYSTEM.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-11-29
CVE-2023-36187
Buffer Overflow vulnerability in NETGEAR R6400v2 before version 1.0.4.118, allows remote unauthenticated attackers to execute arbitrary code via crafted URL to httpd.
CVSS Score
9.8
EPSS Score
0.045
Published
2023-09-01
CVE-2023-39550
Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the http_passwd and http_username parameters in the check_auth function.
CVSS Score
8.8
EPSS Score
0.004
Published
2023-08-07
CVE-2023-36499
Netgear XR300 v1.0.3.78 was discovered to contain multiple buffer overflows via the wla_ssid and wlg_ssid parameters at genie_ap_wifi_change.cgi.
CVSS Score
8.8
EPSS Score
0.004
Published
2023-08-07
CVE-2023-38412
Netgear R6900P v1.3.3.154 was discovered to contain multiple buffer overflows via the wla_ssid and wlg_ssid parameters at ia_ap_setting.cgi.
CVSS Score
8.8
EPSS Score
0.004
Published
2023-08-07
CVE-2023-38591
Netgear DG834Gv5 1.6.01.34 was discovered to contain multiple buffer overflows via the wla_ssid and wla_temp_ssid parameters at bsw_ssid.cgi.
CVSS Score
8.8
EPSS Score
0.004
Published
2023-08-07
CVE-2023-38921
Netgear WG302v2 v5.2.9 and WAG302v2 v5.1.19 were discovered to contain multiple command injection vulnerabilities in the upgrade_handler function via the firmwareRestore and firmwareServerip parameters.
CVSS Score
8.8
EPSS Score
0.018
Published
2023-08-07
CVE-2023-38922
Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the http_passwd and http_username parameters in the update_auth function.
CVSS Score
8.8
EPSS Score
0.004
Published
2023-08-07
CVE-2023-38924
Netgear DGN3500 1.1.00.37 was discovered to contain a buffer overflow via the http_password parameter at setup.cgi.
CVSS Score
6.5
EPSS Score
0.004
Published
2023-08-07
CVE-2023-38925
Netgear DC112A 1.0.0.64, EX6200 1.0.3.94 and R6300v2 1.0.4.8 were discovered to contain a buffer overflow via the http_passwd parameter in password.cgi.
CVSS Score
8.8
EPSS Score
0.226
Published
2023-08-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved