Netgear

R8500 Firmware

125 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.7

CVE-2024-50995

  • EPSS 0.09%
  • Veröffentlicht 05.11.2024 15:15:23
  • Zuletzt bearbeitet 22.04.2025 18:11:51

Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the share_name parameter at usb_remote_smb_conf.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

5.7

CVE-2024-50996

  • EPSS 0.09%
  • Veröffentlicht 05.11.2024 15:15:23
  • Zuletzt bearbeitet 07.05.2025 15:25:23

Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the bpa_server parameter at genie_bpa.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via...

5.7

CVE-2024-50997

  • EPSS 0.09%
  • Veröffentlicht 05.11.2024 15:15:23
  • Zuletzt bearbeitet 01.05.2025 18:22:26

Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a ...

5.7

CVE-2024-50998

  • EPSS 0.09%
  • Veröffentlicht 05.11.2024 15:15:23
  • Zuletzt bearbeitet 22.04.2025 18:12:56

Netgear R8500 v1.0.2.160 was discovered to contain multiple stack overflow vulnerabilities in the component openvpn.cgi via the openvpn_service_port and openvpn_service_port_tun parameters. These vulnerabilities allow attackers to cause a Denial of S...

5.7

CVE-2024-50999

  • EPSS 0.19%
  • Veröffentlicht 05.11.2024 15:15:23
  • Zuletzt bearbeitet 22.04.2025 18:13:30

Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sysNewPasswd parameter at password.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.

8.8

CVE-2021-34982

  • EPSS 5.57%
  • Veröffentlicht 07.05.2024 23:15:13
  • Zuletzt bearbeitet 14.08.2025 01:41:19

NETGEAR Multiple Routers httpd Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple NETGEAR routers. Authentication is no...

6.5

CVE-2021-34983

  • EPSS 0.18%
  • Veröffentlicht 07.05.2024 23:15:13
  • Zuletzt bearbeitet 14.08.2025 01:40:56

NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of multiple NETGEAR rou...

8.8

CVE-2022-27642

  • EPSS 0.04%
  • Veröffentlicht 29.03.2023 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:56:04

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ht...

8.8

CVE-2022-27643

  • EPSS 4.65%
  • Veröffentlicht 29.03.2023 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:56:05

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the h...

8.8

CVE-2022-27645

  • EPSS 0.17%
  • Veröffentlicht 29.03.2023 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:56:05

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within readycloud_control.cgi. ...