Filtered by vendor Netgear
Subscriptions
Total
1326 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-1346 | 6 Cisco, Dell, Netgear and 3 more | 6 Telepresence Server Mse 8710, Emc Powerscale Onefs, Jr6150 Firmware and 3 more | 2025-04-12 | N/A |
| The kernel in Cisco TelePresence Server 3.0 through 4.2(4.18) on Mobility Services Engine (MSE) 8710 devices allows remote attackers to cause a denial of service (panic and reboot) via a crafted sequence of IPv6 packets, aka Bug ID CSCuu46673. | ||||
| CVE-2016-10106 | 1 Netgear | 8 Fvs318gv2, Fvs318gv2 Firmware, Fvs318n and 5 more | 2025-04-12 | N/A |
| Directory traversal vulnerability in scgi-bin/platform.cgi on NETGEAR FVS336Gv3, FVS318N, FVS318Gv2, and SRX5308 devices with firmware before 4.3.3-8 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the thispage parameter, as demonstrated by reading the /etc/shadow file. | ||||
| CVE-2016-10115 | 1 Netgear | 8 Arlo Base Station Firmware, Arlo Q Camera Firmware, Arlo Q Plus Camera Firmware and 5 more | 2025-04-12 | N/A |
| NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier have a default password of 12345678, which makes it easier for remote attackers to obtain access after a factory reset or in a factory configuration. | ||||
| CVE-2015-8263 | 1 Netgear | 2 Wnr1000v3, Wnr1000v3 Firmware | 2025-04-12 | N/A |
| NETGEAR WNR1000v3 devices with firmware 1.0.2.68 use the same source port number for every DNS query, which makes it easier for remote attackers to spoof responses by selecting that number for the destination port. | ||||
| CVE-2016-1525 | 1 Netgear | 1 Prosafe Network Management Software 300 | 2025-04-12 | N/A |
| Directory traversal vulnerability in data/config/image.do in NETGEAR Management System NMS300 1.5.0.11 and earlier allows remote authenticated users to read arbitrary files via a .. (dot dot) in the realName parameter. | ||||
| CVE-2016-10116 | 1 Netgear | 8 Arlo Base Station Firmware, Arlo Q Camera Firmware, Arlo Q Plus Camera Firmware and 5 more | 2025-04-12 | N/A |
| NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier use a pattern of adjective, noun, and three-digit number for the customized password, which makes it easier for remote attackers to obtain access via a dictionary attack. | ||||
| CVE-2015-8288 | 1 Netgear | 4 D3600, D3600 Firmware, D6000 and 1 more | 2025-04-12 | N/A |
| NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier use the same hardcoded private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation. | ||||
| CVE-2015-8289 | 1 Netgear | 4 D3600, D3600 Firmware, D6000 and 1 more | 2025-04-12 | N/A |
| The password-recovery feature on NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier allows remote attackers to discover the cleartext administrator password by reading the cgi-bin/passrec.asp HTML source code. | ||||
| CVE-2015-0718 | 6 Cisco, Netgear, Samsung and 3 more | 7 Nx-os, Unified Computing System, Jr6150 Firmware and 4 more | 2025-04-12 | N/A |
| Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System (UCS) platforms allows remote attackers to cause a denial of service (TCP stack reload) by sending crafted TCP packets to a device that has a TIME_WAIT TCP session, aka Bug ID CSCub70579. | ||||
| CVE-2014-2969 | 1 Netgear | 2 Gs108pe, Gs108pe Firmware | 2025-04-12 | N/A |
| NETGEAR GS108PE Prosafe Plus switches with firmware 1.2.0.5 have a hardcoded password of debugpassword for the ntgruser account, which allows remote attackers to upload firmware or read or modify memory contents, and consequently execute arbitrary code, via a request to (1) produce_burn.cgi, (2) register_debug.cgi, or (3) bootcode_update.cgi. | ||||
| CVE-2013-3069 | 1 Netgear | 2 Wndr4700, Wndr4700 Firmware | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in NETGEAR WNDR4700 with firmware 1.0.0.34 allow remote authenticated users to inject arbitrary web script or HTML via the (1) UserName or (2) Password to the NAS User Setup page, (3) deviceName to USB_advanced.htm, or (4) Network Key to the Wireless Setup page. | ||||
| CVE-2013-4775 | 1 Netgear | 11 Prosafe Firmware, Prosafe Gs510tp, Prosafe Gs724t and 8 more | 2025-04-11 | N/A |
| NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier; GS748Tv4 with firmware 5.4.1.14; GS510TP with firmware 5.4.0.6; GS752TPS, GS728TPS, GS728TS, and GS725TS with firmware 5.3.0.17; and GS752TXS and GS728TXS with firmware 6.1.0.12 allows remote attackers to read encrypted administrator credentials and other startup configurations via a direct request to filesystem/startup-config. | ||||
| CVE-2013-4776 | 1 Netgear | 5 Prosafe Firmware, Prosafe Gs510tp, Prosafe Gs724t and 2 more | 2025-04-11 | N/A |
| NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allows remote attackers to cause a denial of service (reboot or crash) via a crafted HTTP request to filesystem/. | ||||
| CVE-2013-2751 | 1 Netgear | 1 Raidiator | 2025-04-11 | N/A |
| Eval injection vulnerability in frontview/lib/np_handler.pl in the FrontView web interface in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to execute arbitrary Perl code via a crafted request, related to the "forgot password workflow." | ||||
| CVE-2013-2752 | 1 Netgear | 1 Raidiator | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in frontview/lib/np_handler.pl in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to hijack the authentication of users. | ||||
| CVE-2012-2439 | 1 Netgear | 1 Prosafe Fvs318n | 2025-04-11 | N/A |
| The default configuration of the NETGEAR ProSafe FVS318N firewall enables web-based administration on the WAN interface, which allows remote attackers to establish an HTTP connection and possibly have unspecified other impact via unknown vectors. | ||||
| CVE-2011-1673 | 1 Netgear | 2 Prosafe Wnap210, Prosafe Wnap210 Firmware | 2025-04-11 | N/A |
| BackupConfig.php on the NetGear ProSafe WNAP210 allows remote attackers to obtain the administrator password by reading the configuration file. | ||||
| CVE-2011-1674 | 1 Netgear | 2 Prosafe Wnap210, Prosafe Wnap210 Firmware | 2025-04-11 | N/A |
| The NetGear ProSafe WNAP210 with firmware 2.0.12 allows remote attackers to bypass authentication and obtain access to the configuration page by visiting recreate.php and then visiting index.php. | ||||
| CVE-2022-48196 | 1 Netgear | 18 R6400v2, R6400v2 Firmware, R6700v3 and 15 more | 2025-04-10 | 7.4 High |
| Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects RAX40 before 1.0.2.60, RAX35 before 1.0.2.60, R6400v2 before 1.0.4.122, R6700v3 before 1.0.4.122, R6900P before 1.3.3.152, R7000P before 1.3.3.152, R7000 before 1.0.11.136, R7960P before 1.4.4.94, and R8000P before 1.4.4.94. | ||||
| CVE-2007-4361 | 1 Netgear | 1 Readynas Raidiator | 2025-04-09 | N/A |
| NETGEAR (formerly Infrant) ReadyNAS RAIDiator before 4.00b2-p2-T1 beta creates a default SSH root password derived from the hardware serial number, which makes it easier for remote attackers to guess the password and obtain login access. | ||||