Filtered by vendor Netgear
Subscriptions
Total
1306 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2006-6059 | 1 Netgear | 1 Ma521 Driver | 2025-04-09 | N/A |
Buffer overflow in MA521nd5.SYS driver 5.148.724.2003 for NetGear MA521 PCMCIA adapter allows remote attackers to execute arbitrary code via (1) beacon or (2) probe 802.11 frame responses with an long supported rates information element. NOTE: this issue was reported as a "memory corruption" error, but the associated exploit code suggests that it is a buffer overflow. | ||||
CVE-2006-5972 | 1 Netgear | 2 Wg111v2, Wg111v2 Driver | 2025-04-09 | N/A |
Stack-based buffer overflow in WG111v2.SYS in NetGear WG111v2 wireless adapter (USB) allows remote attackers to execute arbitrary code via a long 802.11 beacon request. | ||||
CVE-2009-2258 | 1 Netgear | 2 Dg632, Dg632 Firmware | 2025-04-09 | N/A |
Directory traversal vulnerability in cgi-bin/webcm in the administrative web interface on the Netgear DG632 with firmware 3.4.0_ap allows remote attackers to list arbitrary directories via a .. (dot dot) in the nextpage parameter. | ||||
CVE-2008-6122 | 1 Netgear | 1 Wgr614 | 2025-04-09 | N/A |
The web management interface in Netgear WGR614v9 allows remote attackers to cause a denial of service (crash) via a request that contains a question mark ("?"). | ||||
CVE-2009-2257 | 1 Netgear | 1 Dg632 | 2025-04-09 | N/A |
The administrative web interface on the Netgear DG632 with firmware 3.4.0_ap allows remote attackers to bypass authentication via a direct request to (1) gateway/commands/saveconfig.html, and (2) stattbl.htm, (3) modemmenu.htm, (4) onload.htm, (5) form.css, (6) utility.js, and possibly (7) indextop.htm in html/. | ||||
CVE-2009-2256 | 1 Netgear | 1 Dg632 | 2025-04-09 | N/A |
The administrative web interface on the Netgear DG632 with firmware 3.4.0_ap allows remote attackers to cause a denial of service (web outage) via an HTTP POST request to cgi-bin/firmwarecfg. | ||||
CVE-2008-1197 | 2 Marvell, Netgear | 2 88w8361w-bem1, Wn802t | 2025-04-09 | N/A |
The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse the SSID information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a "Null SSID." | ||||
CVE-2008-1144 | 2 Marvell, Netgear | 2 88w8361w-bem1, Wn802t | 2025-04-09 | N/A |
The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse EAPoL-Key packets, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a malformed EAPoL-Key packet with a crafted "advertised length." | ||||
CVE-2007-5562 | 1 Netgear | 1 Ssl312 | 2025-04-09 | N/A |
Cross-site scripting (XSS) vulnerability in cgi-bin/welcome (aka the login page) in Netgear SSL312 PROSAFE SSL VPN-Concentrator 25 allows remote attackers to inject arbitrary web script or HTML via the err parameter in the context of an error page. | ||||
CVE-2009-0052 | 2 Atheros, Netgear | 3 Ar9160-bc1a Chipset, Wndap330, Wndap330 Firmware | 2025-04-09 | N/A |
The Atheros wireless driver, as used in Netgear WNDAP330 Wi-Fi access point with firmware 2.1.11 and other versions before 3.0.3 on the Atheros AR9160-BC1A chipset, and other products, allows remote authenticated users to cause a denial of service (device reboot or hang) and possibly execute arbitrary code via a truncated reserved management frame. | ||||
CVE-2024-30568 | 1 Netgear | 2 R6850, R6850 Firmware | 2025-04-04 | 9.8 Critical |
Netgear R6850 1.1.0.88 was discovered to contain a command injection vulnerability via the c4-IPAddr parameter. | ||||
CVE-2024-30569 | 1 Netgear | 2 R6850, R6850 Firmware | 2025-04-04 | 7.5 High |
An information leak in currentsetting.htm of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required. | ||||
CVE-2024-30570 | 1 Netgear | 2 R6850, R6850 Firmware | 2025-04-04 | 5.3 Medium |
An information leak in debuginfo.htm of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required. | ||||
CVE-2024-30571 | 1 Netgear | 2 R6850, R6850 Firmware | 2025-04-04 | 7.5 High |
An information leak in the BRS_top.html component of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required. | ||||
CVE-2024-30572 | 1 Netgear | 2 R6850, R6850 Firmware | 2025-04-04 | 8 High |
Netgear R6850 1.1.0.88 was discovered to contain a command injection vulnerability via the ntp_server parameter. | ||||
CVE-2001-0888 | 3 Atmel, Linksys, Netgear | 3 Firmware, Wap11, Me102 | 2025-04-03 | N/A |
Atmel Firmware 1.3 Wireless Access Point (WAP) allows remote attackers to cause a denial of service via a SNMP request with (1) a community string other than "public" or (2) an unknown OID, which causes the WAP to deny subsequent SNMP requests. | ||||
CVE-2002-2020 | 1 Netgear | 1 Rp114 | 2025-04-03 | N/A |
Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26 uses a default administrator password and accepts admin logins on the external interface, which allows remote attackers to gain privileges if the password is not changed. | ||||
CVE-2002-2354 | 1 Netgear | 1 Fm114p | 2025-04-03 | N/A |
Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (crash or hang) via a large number of TCP connection requests. | ||||
CVE-2004-2556 | 1 Netgear | 1 Wg602 | 2025-04-03 | N/A |
NetGear WG602 (aka WG602v1) Wireless Access Point firmware 1.04.0 and 1.5.67 has a hardcoded account of username "super" and password "5777364", which allows remote attackers to modify the configuration. | ||||
CVE-2004-0611 | 1 Netgear | 1 Fvs318 | 2025-04-03 | N/A |
Web-Based Administration in Netgear FVS318 VPN Router allows remote attackers to cause a denial of service (no new connections) via a large number of open HTTP connections. |