Netgear

Xr300 Firmware

57 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2025-52082

Exploit
  • EPSS 0.12%
  • Published 15.07.2025 00:00:00
  • Last modified 11.08.2025 18:51:25

In Netgear XR300 V1.0.3.38_10.3.30, a stack-based buffer overflow exists in the HTTPD service through the usb_device.cgi endpoint. The vulnerability occurs when processing POST requests containing the read_access parameter.

6.5

CVE-2025-52081

Exploit
  • EPSS 0.12%
  • Published 15.07.2025 00:00:00
  • Last modified 12.08.2025 01:26:55

In Netgear XR300 V1.0.3.38_10.3.30, a stack-based buffer overflow vulnerability exists in the HTTPD service through the usb_device.cgi endpoint. The vulnerability occurs when processing POST requests containing the usb_folder parameter.

6.5

CVE-2025-52080

Exploit
  • EPSS 0.12%
  • Published 15.07.2025 00:00:00
  • Last modified 11.08.2025 18:49:28

In Netgear XR300 V1.0.3.38_10.3.30, a stack-based buffer overflow vulnerability exists in the HTTPD service through the usb_device.cgi endpoint. The vulnerability occurs when processing POST requests containing the share_name parameter.

5.7

CVE-2024-52026

  • EPSS 0.09%
  • Published 05.11.2024 15:15:27
  • Last modified 21.05.2025 20:12:14

Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at bsw_pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST ...

5.7

CVE-2024-52025

  • EPSS 0.09%
  • Published 05.11.2024 15:15:27
  • Last modified 21.05.2025 20:12:26

Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at geniepppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST...

5.7

CVE-2024-52024

  • EPSS 0.09%
  • Published 05.11.2024 15:15:27
  • Last modified 21.05.2025 20:12:43

Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at wizpppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST r...

5.7

CVE-2024-52023

  • EPSS 0.09%
  • Published 05.11.2024 15:15:27
  • Last modified 21.05.2025 20:12:52

Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at pppoe2.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST req...

8

CVE-2024-52022

  • EPSS 0.54%
  • Published 05.11.2024 15:15:27
  • Last modified 21.05.2025 20:23:37

Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a command injection vulnerability in the component wlg_adv.cgi via the apmode_gateway parameter. This vulnerability allows attackers to ex...

5.7

CVE-2024-52015

  • EPSS 0.09%
  • Published 05.11.2024 15:15:26
  • Last modified 21.05.2025 20:24:01

Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at bsw_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) vi...

5.7

CVE-2024-52013

  • EPSS 0.09%
  • Published 05.11.2024 15:15:26
  • Last modified 21.05.2025 20:24:21

Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at wiz_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) vi...