Netgear

R7000 Firmware

136 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.7

CVE-2022-40619

Exploit
  • EPSS 1.03%
  • Veröffentlicht 28.01.2026 00:00:00
  • Zuletzt bearbeitet 09.03.2026 14:43:22

FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, exposes an HTTP server over the LAN interface of affected devices. This interface is vulnerable to unauthenticated arbitrary command injection through the funjsq_a...

7.7

CVE-2022-40620

Exploit
  • EPSS 0.13%
  • Veröffentlicht 28.01.2026 00:00:00
  • Zuletzt bearbeitet 09.03.2026 14:41:45

FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, does not properly validate TLS certificates when downloading update packages through its auto-update mechanism. An attacker (suitably positioned on the network) co...

7.5

CVE-2025-44650

  • EPSS 0.06%
  • Veröffentlicht 21.07.2025 00:00:00
  • Zuletzt bearbeitet 07.08.2025 17:58:36

In Netgear R7000 V1.3.1.64_10.1.36 and EAX80 V1.0.1.70_1.0.2, the USERLIMIT_GLOBAL option is set to 0 in the bftpd.conf configuration file. This can cause DoS attacks when unlimited users are connected.

6.8

CVE-2024-35520

  • EPSS 5.36%
  • Veröffentlicht 14.10.2024 22:15:03
  • Zuletzt bearbeitet 16.10.2024 17:14:31

Netgear R7000 1.0.11.136 is vulnerable to Command Injection in RMT_invite.cgi via device_name2 parameter.

8.8

CVE-2021-34982

  • EPSS 5.57%
  • Veröffentlicht 07.05.2024 23:15:13
  • Zuletzt bearbeitet 14.08.2025 01:41:19

NETGEAR Multiple Routers httpd Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple NETGEAR routers. Authentication is no...

6.5

CVE-2021-34983

  • EPSS 0.18%
  • Veröffentlicht 07.05.2024 23:15:13
  • Zuletzt bearbeitet 14.08.2025 01:40:56

NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of multiple NETGEAR rou...

6.5

CVE-2024-1431

Exploit
  • EPSS 0.05%
  • Veröffentlicht 11.02.2024 03:15:07
  • Zuletzt bearbeitet 21.11.2024 08:50:34

A vulnerability was found in Netgear R7000 1.0.11.136_10.2.120 and classified as problematic. Affected by this issue is some unknown functionality of the file /debuginfo.htm of the component Web Management Interface. The manipulation leads to informa...

6.5

CVE-2024-1430

Exploit
  • EPSS 0.05%
  • Veröffentlicht 11.02.2024 01:15:07
  • Zuletzt bearbeitet 21.11.2024 08:50:34

A vulnerability has been found in Netgear R7000 1.0.11.136_10.2.120 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /currentsetting.htm of the component Web Management Interface. The manipulation ...

9.8

CVE-2023-36187

  • EPSS 4.54%
  • Veröffentlicht 01.09.2023 16:15:08
  • Zuletzt bearbeitet 21.11.2024 08:09:23

Buffer Overflow vulnerability in NETGEAR R6400v2 before version 1.0.4.118, allows remote unauthenticated attackers to execute arbitrary code via crafted URL to httpd.

8.8

CVE-2022-27641

  • EPSS 0.18%
  • Veröffentlicht 29.03.2023 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:56:04

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the N...