Netgear

R8500 Firmware

125 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.7

CVE-2024-51001

  • EPSS 0.09%
  • Veröffentlicht 05.11.2024 15:15:24
  • Zuletzt bearbeitet 22.04.2025 18:14:23

Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the sysDNSHost parameter at ddns.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

5.7

CVE-2024-51002

  • EPSS 0.09%
  • Veröffentlicht 05.11.2024 15:15:24
  • Zuletzt bearbeitet 30.04.2025 16:30:32

Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the l2tp_user_ip parameter at l2tp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a ...

5.7

CVE-2024-51003

  • EPSS 0.09%
  • Veröffentlicht 05.11.2024 15:15:24
  • Zuletzt bearbeitet 07.05.2025 15:24:54

Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to multiple stack overflow vulnerabilities in the component ap_mode.cgi via the apmode_dns1_pri and apmode_dns1_sec parameters. These vulnerabilities...

5.7

CVE-2024-51004

  • EPSS 0.09%
  • Veröffentlicht 05.11.2024 15:15:24
  • Zuletzt bearbeitet 30.04.2025 16:30:44

Netgear R8500 v1.0.2.160 and R7000P v1.3.3.154 were discovered to multiple stack overflow vulnerabilities in the component usb_device.cgi via the cifs_user, read_access, and write_access parameters. These vulnerabilities allow attackers to cause a De...

8

CVE-2024-51005

  • EPSS 0.54%
  • Veröffentlicht 05.11.2024 15:15:24
  • Zuletzt bearbeitet 02.05.2025 15:39:33

Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the share_name parameter at usb_remote_smb_conf.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.

5.7

CVE-2024-51006

  • EPSS 0.09%
  • Veröffentlicht 05.11.2024 15:15:24
  • Zuletzt bearbeitet 22.04.2025 18:16:00

Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the ipv6_static_ip parameter in the ipv6_tunnel function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

8

CVE-2024-51009

  • EPSS 0.54%
  • Veröffentlicht 05.11.2024 15:15:24
  • Zuletzt bearbeitet 02.05.2025 15:39:35

Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at ether.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.

8

CVE-2024-51010

  • EPSS 0.54%
  • Veröffentlicht 05.11.2024 15:15:24
  • Zuletzt bearbeitet 21.05.2025 19:59:27

Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a command injection vulnerability in the component ap_mode.cgi via the apmode_gateway parameter. This vulnerability allows attackers to ex...

8

CVE-2024-50993

  • EPSS 0.54%
  • Veröffentlicht 05.11.2024 15:15:23
  • Zuletzt bearbeitet 22.04.2025 18:09:32

Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sysNewPasswd parameter at admin_account.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.

5.7

CVE-2024-50994

  • EPSS 0.09%
  • Veröffentlicht 05.11.2024 15:15:23
  • Zuletzt bearbeitet 22.04.2025 18:11:27

Netgear R8500 v1.0.2.160 was discovered to contain multiple stack overflow vulnerabilities in the component ipv6_fix.cgi via the ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length, and ipv6_lan_length parameters. These vulnerabilities allow attackers ...