Netgear

Xr300 Firmware

59 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.7

CVE-2024-51016

  • EPSS 0.22%
  • Veröffentlicht 05.11.2024 15:15:25
  • Zuletzt bearbeitet 02.05.2025 15:43:08

Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the addName%d parameter in usb_approve.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

5.7

CVE-2024-51014

  • EPSS 0.22%
  • Veröffentlicht 05.11.2024 15:15:25
  • Zuletzt bearbeitet 02.05.2025 15:43:06

Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the ssid_an parameter in bridge_wireless_main.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

5.7

CVE-2024-51011

  • EPSS 0.22%
  • Veröffentlicht 05.11.2024 15:15:24
  • Zuletzt bearbeitet 21.05.2025 20:23:30

Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST requ...

8

CVE-2024-51010

  • EPSS 0.52%
  • Veröffentlicht 05.11.2024 15:15:24
  • Zuletzt bearbeitet 21.05.2025 19:59:27

Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a command injection vulnerability in the component ap_mode.cgi via the apmode_gateway parameter. This vulnerability allows attackers to ex...

8

CVE-2024-51008

  • EPSS 0.52%
  • Veröffentlicht 05.11.2024 15:15:24
  • Zuletzt bearbeitet 02.05.2025 15:43:04

Netgear XR300 v1.0.3.78 was discovered to contain a command injection vulnerability in the system_name parameter at wiz_dyn.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.

5.7

CVE-2024-51007

  • EPSS 0.24%
  • Veröffentlicht 05.11.2024 15:15:24
  • Zuletzt bearbeitet 02.05.2025 15:43:02

Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the passphrase parameter at wireless.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

5.7

CVE-2024-51003

  • EPSS 0.24%
  • Veröffentlicht 05.11.2024 15:15:24
  • Zuletzt bearbeitet 07.05.2025 15:24:54

Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to multiple stack overflow vulnerabilities in the component ap_mode.cgi via the apmode_dns1_pri and apmode_dns1_sec parameters. These vulnerabilities...

5.7

CVE-2024-51002

  • EPSS 0.22%
  • Veröffentlicht 05.11.2024 15:15:24
  • Zuletzt bearbeitet 30.04.2025 16:30:32

Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the l2tp_user_ip parameter at l2tp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a ...

5.7

CVE-2024-50996

  • EPSS 0.24%
  • Veröffentlicht 05.11.2024 15:15:23
  • Zuletzt bearbeitet 07.05.2025 15:25:23

Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the bpa_server parameter at genie_bpa.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via...

5.7

CVE-2024-50997

  • EPSS 0.24%
  • Veröffentlicht 05.11.2024 15:15:23
  • Zuletzt bearbeitet 01.05.2025 18:22:26

Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a ...