Netgear

Rax40 Firmware

24 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2023-27358

  • EPSS 0.76%
  • Veröffentlicht 03.05.2024 02:15:13
  • Zuletzt bearbeitet 09.01.2025 15:37:04

NETGEAR RAX30 SOAP Request SQL Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit...

8

CVE-2022-27647

  • EPSS 0.06%
  • Veröffentlicht 29.03.2023 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:56:05

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Although authentication is required to exploit this vulnerability, the existing authentication mech...

8.8

CVE-2022-27645

  • EPSS 0.17%
  • Veröffentlicht 29.03.2023 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:56:05

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within readycloud_control.cgi. ...

8.8

CVE-2022-27642

  • EPSS 0.04%
  • Veröffentlicht 29.03.2023 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:56:04

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ht...

9.8

CVE-2022-48196

  • EPSS 0.42%
  • Veröffentlicht 30.12.2022 08:15:07
  • Zuletzt bearbeitet 10.04.2025 19:15:50

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects RAX40 before 1.0.2.60, RAX35 before 1.0.2.60, R6400v2 before 1.0.4.122, R6700v3 before 1.0.4.122, R6900P before 1.3.3.152, R7000P before 1.3.3.152,...

4.8

CVE-2021-45672

  • EPSS 0.26%
  • Veröffentlicht 26.12.2021 01:15:21
  • Zuletzt bearbeitet 21.11.2024 06:32:50

Certain NETGEAR devices are affected by Stored XSS. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before 1.0.0.48, R6080 before 1.0.0.48, R6120 before 1.0.0.76, R6220 before 1.1.0.110, R6230 before 1.1.0.110, R6260 before 1.1.0.78...

4.5

CVE-2021-45604

  • EPSS 0.08%
  • Veröffentlicht 26.12.2021 01:15:17
  • Zuletzt bearbeitet 21.11.2024 06:32:38

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects CBR750 before 3.2.18.2, D6220 before 1.0.0.68, D6400 before 1.0.0.102, D8500 before 1.0.3.60, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, M...

6.8

CVE-2021-45549

  • EPSS 0.41%
  • Veröffentlicht 26.12.2021 01:15:15
  • Zuletzt bearbeitet 21.11.2024 06:32:29

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects LAX20 before 1.1.6.28, MK62 before 1.1.6.122, MR60 before 1.1.6.122, MS60 before 1.1.6.122, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P be...

7.5

CVE-2021-45493

  • EPSS 0.32%
  • Veröffentlicht 26.12.2021 01:15:12
  • Zuletzt bearbeitet 21.11.2024 06:32:20

Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RAX35 before 1.0.4.102, RAX38 before 1.0.4.102, and RAX40 before 1.0.4.102.

7.1

CVE-2021-41449

  • EPSS 1.44%
  • Veröffentlicht 09.12.2021 14:15:12
  • Zuletzt bearbeitet 21.11.2024 06:26:16

A path traversal attack in web interfaces of Netgear RAX35, RAX38, and RAX40 routers before v1.0.4.102, allows a remote unauthenticated attacker to gain access to sensitive restricted information, such as forbidden files of the web application, via s...