Netgear

Rax30 Firmware

32 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2025-12943

  • EPSS 0.02%
  • Veröffentlicht 11.11.2025 16:17:44
  • Zuletzt bearbeitet 08.12.2025 14:29:40

Improper certificate validation in firmware update logic in NETGEAR RAX30 (Nighthawk AX5 5-Stream AX2400 WiFi 6 Router) and RAXE300 (Nighthawk AXE7800 Tri-Band WiFi 6E Router) allows attackers with the ability to intercept and tamper traffic destined...

7.5

CVE-2025-44652

  • EPSS 0.06%
  • Veröffentlicht 21.07.2025 00:00:00
  • Zuletzt bearbeitet 02.01.2026 21:04:25

In Netgear RAX30 V1.0.10.94_3, the USERLIMIT_GLOBAL option is set to 0 in multiple bftpd-related configuration files. This can cause DoS attacks when unlimited users are connected.

9.8

CVE-2025-44658

  • EPSS 0.21%
  • Veröffentlicht 21.07.2025 00:00:00
  • Zuletzt bearbeitet 07.08.2025 17:57:40

In Netgear RAX30 V1.0.10.94, a PHP-FPM misconfiguration vulnerability is caused by not following the specification to only limit FPM to .php extensions. An attacker may exploit this by uploading malicious scripts disguised with alternate extensions a...

8.8

CVE-2023-51635

  • EPSS 1.01%
  • Veröffentlicht 22.11.2024 20:15:06
  • Zuletzt bearbeitet 03.01.2025 16:40:28

NETGEAR RAX30 fing_dil Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required ...

7.5

CVE-2023-51634

  • EPSS 0.61%
  • Veröffentlicht 22.11.2024 20:15:06
  • Zuletzt bearbeitet 03.01.2025 16:40:16

NETGEAR RAX30 Improper Certificate Validation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR RAX30 routers. Authent...

8.8

CVE-2023-40480

  • EPSS 2.13%
  • Veröffentlicht 03.05.2024 03:15:20
  • Zuletzt bearbeitet 03.01.2025 16:36:16

NETGEAR RAX30 DHCP Server Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to expl...

8.8

CVE-2023-40479

  • EPSS 2.13%
  • Veröffentlicht 03.05.2024 03:15:20
  • Zuletzt bearbeitet 03.01.2025 16:35:43

NETGEAR RAX30 UPnP Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit thi...

6.8

CVE-2023-40478

  • EPSS 0.34%
  • Veröffentlicht 03.05.2024 03:15:20
  • Zuletzt bearbeitet 03.01.2025 16:34:16

NETGEAR RAX30 Telnet CLI passwd Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Although authenticatio...

8.8

CVE-2023-35722

  • EPSS 0.82%
  • Veröffentlicht 03.05.2024 02:15:34
  • Zuletzt bearbeitet 03.01.2025 17:04:45

NETGEAR RAX30 UPnP Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit thi...

8.8

CVE-2023-34285

  • EPSS 1.09%
  • Veröffentlicht 03.05.2024 02:15:28
  • Zuletzt bearbeitet 03.01.2025 17:04:04

NETGEAR RAX30 cmsCli_authenticate Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is no...