Filtered by vendor Netgear
Subscriptions
Total
1280 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0680 | 1 Netgear | 1 Ssl312 | 2025-04-09 | N/A |
| cgi-bin/welcome/VPN_only in the web interface in Netgear SSL312 allows remote attackers to cause a denial of service (device crash) via a crafted query string, as demonstrated using directory traversal sequences. | ||||
| CVE-2009-0052 | 2 Atheros, Netgear | 3 Ar9160-bc1a Chipset, Wndap330, Wndap330 Firmware | 2025-04-09 | N/A |
| The Atheros wireless driver, as used in Netgear WNDAP330 Wi-Fi access point with firmware 2.1.11 and other versions before 3.0.3 on the Atheros AR9160-BC1A chipset, and other products, allows remote authenticated users to cause a denial of service (device reboot or hang) and possibly execute arbitrary code via a truncated reserved management frame. | ||||
| CVE-2008-6122 | 1 Netgear | 1 Wgr614 | 2025-04-09 | N/A |
| The web management interface in Netgear WGR614v9 allows remote attackers to cause a denial of service (crash) via a request that contains a question mark ("?"). | ||||
| CVE-2024-30568 | 1 Netgear | 2 R6850, R6850 Firmware | 2025-04-04 | 9.8 Critical |
| Netgear R6850 1.1.0.88 was discovered to contain a command injection vulnerability via the c4-IPAddr parameter. | ||||
| CVE-2024-30569 | 1 Netgear | 2 R6850, R6850 Firmware | 2025-04-04 | 7.5 High |
| An information leak in currentsetting.htm of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required. | ||||
| CVE-2024-30570 | 1 Netgear | 2 R6850, R6850 Firmware | 2025-04-04 | 5.3 Medium |
| An information leak in debuginfo.htm of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required. | ||||
| CVE-2024-30571 | 1 Netgear | 2 R6850, R6850 Firmware | 2025-04-04 | 7.5 High |
| An information leak in the BRS_top.html component of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required. | ||||
| CVE-2024-30572 | 1 Netgear | 2 R6850, R6850 Firmware | 2025-04-04 | 8 High |
| Netgear R6850 1.1.0.88 was discovered to contain a command injection vulnerability via the ntp_server parameter. | ||||
| CVE-2004-2557 | 1 Netgear | 1 Wg602 | 2025-04-03 | N/A |
| NetGear WG602 (aka WG602v1) Wireless Access Point 1.7.14 has a hardcoded account of username "superman" and password "21241036", which allows remote attackers to modify the configuration. | ||||
| CVE-2002-2020 | 1 Netgear | 1 Rp114 | 2025-04-03 | N/A |
| Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26 uses a default administrator password and accepts admin logins on the external interface, which allows remote attackers to gain privileges if the password is not changed. | ||||
| CVE-2004-2556 | 1 Netgear | 1 Wg602 | 2025-04-03 | N/A |
| NetGear WG602 (aka WG602v1) Wireless Access Point firmware 1.04.0 and 1.5.67 has a hardcoded account of username "super" and password "5777364", which allows remote attackers to modify the configuration. | ||||
| CVE-2004-2032 | 1 Netgear | 1 Rp114 | 2025-04-03 | N/A |
| Netgear RP114 allows remote attackers to bypass the keyword based URL filtering by requesting a long URL, as demonstrated using a large number of %20 (hex-encoded space) sequences. | ||||
| CVE-2002-0127 | 1 Netgear | 1 Rp114 | 2025-04-03 | N/A |
| Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26, when configured to block traffic below port 1024, allows remote attackers to cause a denial of service (hang) via a port scan of the WAN port. | ||||
| CVE-2004-0611 | 1 Netgear | 1 Fvs318 | 2025-04-03 | N/A |
| Web-Based Administration in Netgear FVS318 VPN Router allows remote attackers to cause a denial of service (no new connections) via a large number of open HTTP connections. | ||||
| CVE-2006-4765 | 1 Netgear | 1 Dg834gt | 2025-04-03 | N/A |
| NETGEAR DG834GT Wireless ADSL router running firmware 1.01.28 allows attackers to cause a denial of service (device hang) via a long string in the username field in the login window. | ||||
| CVE-2002-1892 | 1 Netgear | 1 Fvs318 | 2025-04-03 | N/A |
| NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information. | ||||
| CVE-2003-1427 | 1 Netgear | 1 Fm114p | 2025-04-03 | N/A |
| Directory traversal vulnerability in the web configuration interface in Netgear FM114P 1.4 allows remote attackers to read arbitrary files, such as the netgear.cfg configuration file, via a hex-encoded (%2e%2e%2f) ../ (dot dot slash) in the port parameter. | ||||
| CVE-2001-0514 | 3 Atmel, Linksys, Netgear | 3 802.11b Vnet-b Access Point, Wap11, Me102 | 2025-04-03 | N/A |
| SNMP service in Atmel 802.11b VNET-B Access Point 1.3 and earlier, as used in Netgear ME102 and Linksys WAP11, accepts arbitrary community strings with requested MIB modifications, which allows remote attackers to obtain sensitive information such as WEP keys, cause a denial of service, or gain access to the network. | ||||
| CVE-2006-4143 | 1 Netgear | 1 Fvg318 | 2025-04-03 | N/A |
| Netgear FVG318 running firmware 1.0.40 allows remote attackers to cause a denial of service (router reset) via TCP packets with bad checksums. | ||||
| CVE-2006-1068 | 1 Netgear | 1 Netgear Router | 2025-04-03 | N/A |
| Netgear 614 and 624 routers, possibly running VXWorks, allow remote attackers to cause a denial of service by sending a malformed DCC SEND string to an IRC channel, which causes an IRC connection reset, possibly related to the masquerading code for NAT environments, and as demonstrated via (1) a DCC SEND with a single long argument, or (2) a DCC SEND with IP, port, and filesize arguments with a 0 value. | ||||