Netgear ≫ Rax30 Firmware

30 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.

5.7

CVE-2023-27370

EPSS 0.02%
Published 03.05.2024 02:15:15
Last modified 03.01.2025 17:01:01

NETGEAR RAX30 Device Configuration Cleartext Storage Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR RAX30 routers. Although authenticat...

8.8

CVE-2023-27369

EPSS 0.05%
Published 03.05.2024 02:15:15
Last modified 03.01.2025 17:00:18

NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30. Authentication is not required to ...

8.8

CVE-2023-27368

EPSS 0.05%
Published 03.05.2024 02:15:15
Last modified 03.01.2025 17:34:13

CVE-2023-27367

EPSS 0.21%
Published 03.05.2024 02:15:15
Last modified 03.01.2025 17:33:54

NETGEAR RAX30 libcms_cli Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Although authentication is required to ...

CVE-2023-27361

EPSS 3.98%
Published 03.05.2024 02:15:14
Last modified 03.01.2025 17:33:32

NETGEAR RAX30 rex_cgi JSON Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is r...

8.8

CVE-2023-27360

EPSS 0.72%
Published 03.05.2024 02:15:14
Last modified 03.01.2025 17:32:11

NETGEAR RAX30 lighttpd Misconfiguration Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30. Authentication is not required to exploit this vul...

8.8

CVE-2023-27358

EPSS 0.76%
Published 03.05.2024 02:15:13
Last modified 09.01.2025 15:37:04

NETGEAR RAX30 SOAP Request SQL Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit...

6.5

CVE-2023-27357

EPSS 0.2%
Published 03.05.2024 02:15:13
Last modified 03.01.2025 17:29:55

NETGEAR RAX30 GetInfo Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR RAX30 routers. Authentication is not requir...

CVE-2023-27356

EPSS 0.26%
Published 03.05.2024 02:15:13
Last modified 03.01.2025 17:15:37

NETGEAR RAX30 logCtrl Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Although authentication is required to exp...

8.8

CVE-2023-48725

Exploit

EPSS 30.52%
Published 07.03.2024 15:15:07
Last modified 11.03.2025 16:56:47

A stack-based buffer overflow vulnerability exists in the JSON Parsing getblockschedule() functionality of Netgear RAX30 1.0.11.96 and 1.0.7.78. A specially crafted HTTP request can lead to code execution. An attacker can make an authenticated HTTP r...

<123>