Netgear CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (1323 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2022-44200	1 Netgear	2 R7000p, R7000p Firmware	2025-04-29	9.8 Critical
Netgear R7000P V1.3.0.8, V1.3.1.64 is vulnerable to Buffer Overflow via parameters: stamode_dns1_pri and stamode_dns1_sec.
CVE-2022-44199	1 Netgear	2 R7000p, R7000p Firmware	2025-04-29	9.8 Critical
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter openvpn_server_ip.
CVE-2022-44198	1 Netgear	2 R7000p, R7000p Firmware	2025-04-29	9.8 Critical
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter openvpn_push1.
CVE-2022-44197	1 Netgear	2 R7000p, R7000p Firmware	2025-04-29	9.8 Critical
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter openvpn_server_ip.
CVE-2022-44196	1 Netgear	2 R7000p, R7000p Firmware	2025-04-29	9.8 Critical
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter openvpn_push1.
CVE-2022-44194	1 Netgear	2 R7000p, R7000p Firmware	2025-04-29	9.8 Critical
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameters apmode_dns1_pri and apmode_dns1_sec.
CVE-2022-44193	1 Netgear	2 R7000p, R7000p Firmware	2025-04-29	9.8 Critical
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameters: starthour, startminute , endhour, and endminute.
CVE-2022-44191	1 Netgear	2 R7000p, R7000p Firmware	2025-04-29	9.8 Critical
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameters KEY1 and KEY2.
CVE-2022-44190	1 Netgear	2 R7000p, R7000p Firmware	2025-04-29	9.8 Critical
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter enable_band_steering.
CVE-2022-44188	1 Netgear	2 R7000p, R7000p Firmware	2025-04-29	9.8 Critical
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter enable_band_steering.
CVE-2022-44187	1 Netgear	2 R7000p, R7000p Firmware	2025-04-29	9.8 Critical
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via wan_dns1_pri.
CVE-2022-44186	1 Netgear	2 R7000p, R7000p Firmware	2025-04-29	9.8 Critical
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_pri.
CVE-2022-44184	1 Netgear	2 R7000p, R7000p Firmware	2025-04-29	9.8 Critical
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_sec.
CVE-2024-54802	1 Netgear	2 Wnr854t, Wnr854t Firmware	2025-04-22	9.8 Critical
In Netgear WNR854T 1.5.2 (North America), the UPNP service (/usr/sbin/upnp) is vulnerable to stack-based buffer overflow in the M-SEARCH Host header.
CVE-2024-54803	1 Netgear	2 Wnr854t, Wnr854t Firmware	2025-04-22	9.8 Critical
Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. An attacker can send a specially crafted request to post.cgi, updating the nvram parameter pppoe_peer_mac and forcing a reboot. This will result in command injection.
CVE-2024-51006	1 Netgear	2 R8500, R8500 Firmware	2025-04-22	5.7 Medium
Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the ipv6_static_ip parameter in the ipv6_tunnel function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51001	1 Netgear	2 R8500, R8500 Firmware	2025-04-22	5.7 Medium
Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the sysDNSHost parameter at ddns.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51000	1 Netgear	2 R8500, R8500 Firmware	2025-04-22	5.7 Medium
Netgear R8500 v1.0.2.160 was discovered to contain multiple stack overflow vulnerabilities in the component wireless.cgi via the opmode, opmode_an, and opmode_an_2 parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-50999	1 Netgear	2 R8500, R8500 Firmware	2025-04-22	5.7 Medium
Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sysNewPasswd parameter at password.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.
CVE-2024-50998	1 Netgear	2 R8500, R8500 Firmware	2025-04-22	5.7 Medium
Netgear R8500 v1.0.2.160 was discovered to contain multiple stack overflow vulnerabilities in the component openvpn.cgi via the openvpn_service_port and openvpn_service_port_tun parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request.

« first previous Page 8 of 67. next last »