Netgear

Xr300 Firmware

57 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.7

CVE-2024-52014

  • EPSS 0.09%
  • Veröffentlicht 05.11.2024 15:15:26
  • Zuletzt bearbeitet 21.05.2025 20:24:11

Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at genie_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) ...

5.7

CVE-2024-52016

  • EPSS 0.1%
  • Veröffentlicht 05.11.2024 15:15:26
  • Zuletzt bearbeitet 21.05.2025 20:23:46

Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to multiple stack overflow vulnerabilities in the component wlg_adv.cgi via the apmode_dns1_pri and apmode_dns1_sec parameters. These vulnerabilities...

8

CVE-2024-52018

  • EPSS 0.54%
  • Veröffentlicht 05.11.2024 15:15:26
  • Zuletzt bearbeitet 02.05.2025 15:43:14

Netgear XR300 v1.0.3.78 was discovered to contain a command injection vulnerability in the system_name parameter at genie_dyn.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.

5.7

CVE-2024-52017

  • EPSS 0.1%
  • Veröffentlicht 05.11.2024 15:15:26
  • Zuletzt bearbeitet 02.05.2025 15:43:12

Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the passphrase parameter at bridge_wireless_main.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

8

CVE-2024-52020

  • EPSS 0.63%
  • Veröffentlicht 05.11.2024 15:15:26
  • Zuletzt bearbeitet 02.05.2025 15:39:40

Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at wiz_fix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.

8

CVE-2024-52021

  • EPSS 0.63%
  • Veröffentlicht 05.11.2024 15:15:26
  • Zuletzt bearbeitet 02.05.2025 15:39:42

Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at bsw_fix.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.

5.7

CVE-2024-51014

  • EPSS 0.09%
  • Veröffentlicht 05.11.2024 15:15:25
  • Zuletzt bearbeitet 02.05.2025 15:43:06

Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the ssid_an parameter in bridge_wireless_main.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

5.7

CVE-2024-51016

  • EPSS 0.09%
  • Veröffentlicht 05.11.2024 15:15:25
  • Zuletzt bearbeitet 02.05.2025 15:43:08

Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the addName%d parameter in usb_approve.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

8

CVE-2024-51021

  • EPSS 0.54%
  • Veröffentlicht 05.11.2024 15:15:25
  • Zuletzt bearbeitet 21.05.2025 20:13:00

Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a command injection vulnerability via the wan_gateway parameter at genie_fix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a...

5.7

CVE-2024-51022

  • EPSS 0.09%
  • Veröffentlicht 05.11.2024 15:15:25
  • Zuletzt bearbeitet 02.05.2025 15:43:09

Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the ssid parameter in bridge_wireless_main.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.