Netgear

R7000p Firmware

155 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.7

CVE-2024-52014

  • EPSS 0.09%
  • Published 05.11.2024 15:15:26
  • Last modified 21.05.2025 20:24:11

Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at genie_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) ...

5.7

CVE-2024-52015

  • EPSS 0.09%
  • Published 05.11.2024 15:15:26
  • Last modified 21.05.2025 20:24:01

Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at bsw_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) vi...

5.7

CVE-2024-52016

  • EPSS 0.1%
  • Published 05.11.2024 15:15:26
  • Last modified 21.05.2025 20:23:46

Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to multiple stack overflow vulnerabilities in the component wlg_adv.cgi via the apmode_dns1_pri and apmode_dns1_sec parameters. These vulnerabilities...

8

CVE-2024-52020

  • EPSS 0.63%
  • Published 05.11.2024 15:15:26
  • Last modified 02.05.2025 15:39:40

Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at wiz_fix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.

8

CVE-2024-52021

  • EPSS 0.63%
  • Published 05.11.2024 15:15:26
  • Last modified 02.05.2025 15:39:42

Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at bsw_fix.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.

5.7

CVE-2024-51013

  • EPSS 0.09%
  • Published 05.11.2024 15:15:25
  • Last modified 02.05.2025 15:37:45

Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the RADIUSAddr%d_wla parameter at wireless.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

5.7

CVE-2024-51015

  • EPSS 0.19%
  • Published 05.11.2024 15:15:25
  • Last modified 02.05.2025 15:37:44

Netgear R7000P v1.3.3.154 was discovered to contain a command injection vulnerability via the device_name2 parameter at operation_mode.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.

5.7

CVE-2024-51017

  • EPSS 0.09%
  • Published 05.11.2024 15:15:25
  • Last modified 02.05.2025 15:37:42

Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the l2tp_user_netmask parameter at l2tp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

5.7

CVE-2024-51018

  • EPSS 0.09%
  • Published 05.11.2024 15:15:25
  • Last modified 02.05.2025 15:37:40

Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptp_user_netmask parameter at pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

5.7

CVE-2024-51019

  • EPSS 0.09%
  • Published 05.11.2024 15:15:25
  • Last modified 02.05.2025 15:37:39

Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pppoe_localnetmask parameter at pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.