Filtered by vendor Netgear Subscriptions
Total 1306 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2006-6059 1 Netgear 1 Ma521 Driver 2025-04-09 N/A
Buffer overflow in MA521nd5.SYS driver 5.148.724.2003 for NetGear MA521 PCMCIA adapter allows remote attackers to execute arbitrary code via (1) beacon or (2) probe 802.11 frame responses with an long supported rates information element. NOTE: this issue was reported as a "memory corruption" error, but the associated exploit code suggests that it is a buffer overflow.
CVE-2006-5972 1 Netgear 2 Wg111v2, Wg111v2 Driver 2025-04-09 N/A
Stack-based buffer overflow in WG111v2.SYS in NetGear WG111v2 wireless adapter (USB) allows remote attackers to execute arbitrary code via a long 802.11 beacon request.
CVE-2009-2258 1 Netgear 2 Dg632, Dg632 Firmware 2025-04-09 N/A
Directory traversal vulnerability in cgi-bin/webcm in the administrative web interface on the Netgear DG632 with firmware 3.4.0_ap allows remote attackers to list arbitrary directories via a .. (dot dot) in the nextpage parameter.
CVE-2008-6122 1 Netgear 1 Wgr614 2025-04-09 N/A
The web management interface in Netgear WGR614v9 allows remote attackers to cause a denial of service (crash) via a request that contains a question mark ("?").
CVE-2009-2257 1 Netgear 1 Dg632 2025-04-09 N/A
The administrative web interface on the Netgear DG632 with firmware 3.4.0_ap allows remote attackers to bypass authentication via a direct request to (1) gateway/commands/saveconfig.html, and (2) stattbl.htm, (3) modemmenu.htm, (4) onload.htm, (5) form.css, (6) utility.js, and possibly (7) indextop.htm in html/.
CVE-2009-2256 1 Netgear 1 Dg632 2025-04-09 N/A
The administrative web interface on the Netgear DG632 with firmware 3.4.0_ap allows remote attackers to cause a denial of service (web outage) via an HTTP POST request to cgi-bin/firmwarecfg.
CVE-2008-1197 2 Marvell, Netgear 2 88w8361w-bem1, Wn802t 2025-04-09 N/A
The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse the SSID information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a "Null SSID."
CVE-2008-1144 2 Marvell, Netgear 2 88w8361w-bem1, Wn802t 2025-04-09 N/A
The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse EAPoL-Key packets, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a malformed EAPoL-Key packet with a crafted "advertised length."
CVE-2007-5562 1 Netgear 1 Ssl312 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in cgi-bin/welcome (aka the login page) in Netgear SSL312 PROSAFE SSL VPN-Concentrator 25 allows remote attackers to inject arbitrary web script or HTML via the err parameter in the context of an error page.
CVE-2009-0052 2 Atheros, Netgear 3 Ar9160-bc1a Chipset, Wndap330, Wndap330 Firmware 2025-04-09 N/A
The Atheros wireless driver, as used in Netgear WNDAP330 Wi-Fi access point with firmware 2.1.11 and other versions before 3.0.3 on the Atheros AR9160-BC1A chipset, and other products, allows remote authenticated users to cause a denial of service (device reboot or hang) and possibly execute arbitrary code via a truncated reserved management frame.
CVE-2024-30568 1 Netgear 2 R6850, R6850 Firmware 2025-04-04 9.8 Critical
Netgear R6850 1.1.0.88 was discovered to contain a command injection vulnerability via the c4-IPAddr parameter.
CVE-2024-30569 1 Netgear 2 R6850, R6850 Firmware 2025-04-04 7.5 High
An information leak in currentsetting.htm of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required.
CVE-2024-30570 1 Netgear 2 R6850, R6850 Firmware 2025-04-04 5.3 Medium
An information leak in debuginfo.htm of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required.
CVE-2024-30571 1 Netgear 2 R6850, R6850 Firmware 2025-04-04 7.5 High
An information leak in the BRS_top.html component of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required.
CVE-2024-30572 1 Netgear 2 R6850, R6850 Firmware 2025-04-04 8 High
Netgear R6850 1.1.0.88 was discovered to contain a command injection vulnerability via the ntp_server parameter.
CVE-2001-0888 3 Atmel, Linksys, Netgear 3 Firmware, Wap11, Me102 2025-04-03 N/A
Atmel Firmware 1.3 Wireless Access Point (WAP) allows remote attackers to cause a denial of service via a SNMP request with (1) a community string other than "public" or (2) an unknown OID, which causes the WAP to deny subsequent SNMP requests.
CVE-2002-2020 1 Netgear 1 Rp114 2025-04-03 N/A
Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26 uses a default administrator password and accepts admin logins on the external interface, which allows remote attackers to gain privileges if the password is not changed.
CVE-2002-2354 1 Netgear 1 Fm114p 2025-04-03 N/A
Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (crash or hang) via a large number of TCP connection requests.
CVE-2004-2556 1 Netgear 1 Wg602 2025-04-03 N/A
NetGear WG602 (aka WG602v1) Wireless Access Point firmware 1.04.0 and 1.5.67 has a hardcoded account of username "super" and password "5777364", which allows remote attackers to modify the configuration.
CVE-2004-0611 1 Netgear 1 Fvs318 2025-04-03 N/A
Web-Based Administration in Netgear FVS318 VPN Router allows remote attackers to cause a denial of service (no new connections) via a large number of open HTTP connections.