Search criteria
71 vulnerabilities found for RAX30 by NETGEAR
VAR-202511-1682
Vulnerability from variot - Updated: 2025-12-18 00:32Improper certificate validation in firmware update logic in NETGEAR RAX30 (Nighthawk AX5 5-Stream AX2400 WiFi 6 Router) and RAXE300 (Nighthawk AXE7800 Tri-Band WiFi 6E Router) allows attackers with the ability to intercept and tamper traffic destined to the device to execute arbitrary commands on the device.
Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update to the latest.
Fixed in:
RAX30 firmware 1.0.14.108 or later.
RAXE300 firmware 1.0.9.82 or later
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202511-1682",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.14.108"
},
{
"model": "raxe300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.9.82"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2025-12943"
}
]
},
"cve": "CVE-2025-12943",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"id": "CVE-2025-12943",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2025-12943",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"id": "CVE-2025-12943",
"trust": 1.0,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2025-12943"
},
{
"db": "NVD",
"id": "CVE-2025-12943"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Improper certificate\nvalidation in firmware update logic in NETGEAR RAX30 (Nighthawk AX5 5-Stream\nAX2400 WiFi 6 Router) and RAXE300 (Nighthawk AXE7800 Tri-Band\nWiFi 6E Router) allows attackers with the ability to intercept and\ntamper traffic destined to the device to execute arbitrary commands on the\ndevice.\n\nDevices\nwith automatic updates enabled may already have this patch applied. If not,\nplease check the firmware version and update to the\nlatest.\n\n\n\nFixed in:\n\n\n\nRAX30 firmware\n1.0.14.108 or later.\n\n\n\nRAXE300 firmware\n1.0.9.82 or later",
"sources": [
{
"db": "NVD",
"id": "CVE-2025-12943"
}
],
"trust": 1.0
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2025-12943",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2025-12943"
}
]
},
"id": "VAR-202511-1682",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.33559114
},
"last_update_date": "2025-12-18T00:32:23.092000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-295",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2025-12943"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.0,
"url": "https://kb.netgear.com/000070355/netgear-security-advisories-november-2025"
},
{
"trust": 1.0,
"url": "https://www.netgear.com/support/product/raxe300"
},
{
"trust": 1.0,
"url": "https://www.netgear.com/support/product/rax30"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2025-12943"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2025-12943"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-11-11T17:15:39.410000",
"db": "NVD",
"id": "CVE-2025-12943"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-12-08T14:29:40.323000",
"db": "NVD",
"id": "CVE-2025-12943"
}
]
}
}
VAR-202403-0574
Vulnerability from variot - Updated: 2025-11-18 15:22A stack-based buffer overflow vulnerability exists in the JSON Parsing getblockschedule() functionality of Netgear RAX30 1.0.11.96 and 1.0.7.78. A specially crafted HTTP request can lead to code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. of netgear RAX30 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX30 is a WiFi 6 router launched by NETGEAR. It supports dual bands (2.4GHz and 5GHz), has a maximum transmission rate of 2400Mbps, uses three external antennas, is equipped with a 1.5GHz triple-core processor, and can connect 20 devices at the same time. Attackers can use this vulnerability to submit special requests to crash the application or execute arbitrary code in the application context
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202403-0574",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax30",
"scope": "eq",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.11.96"
},
{
"model": "rax30",
"scope": "eq",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.7.78"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax30 firmware 1.0.7.78"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax30 firmware 1.0.11.96"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16604"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-028331"
},
{
"db": "NVD",
"id": "CVE-2023-48725"
}
]
},
"cve": "CVE-2023-48725",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CNVD-2025-16604",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2023-48725",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2023-48725",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-48725",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "talos-cna@cisco.com",
"id": "CVE-2023-48725",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2023-48725",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2023-48725",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2025-16604",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16604"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-028331"
},
{
"db": "NVD",
"id": "CVE-2023-48725"
},
{
"db": "NVD",
"id": "CVE-2023-48725"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A stack-based buffer overflow vulnerability exists in the JSON Parsing getblockschedule() functionality of Netgear RAX30 1.0.11.96 and 1.0.7.78. A specially crafted HTTP request can lead to code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. of netgear RAX30 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX30 is a WiFi 6 router launched by NETGEAR. It supports dual bands (2.4GHz and 5GHz), has a maximum transmission rate of 2400Mbps, uses three external antennas, is equipped with a 1.5GHz triple-core processor, and can connect 20 devices at the same time. Attackers can use this vulnerability to submit special requests to crash the application or execute arbitrary code in the application context",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-48725"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-028331"
},
{
"db": "CNVD",
"id": "CNVD-2025-16604"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-48725",
"trust": 3.2
},
{
"db": "TALOS",
"id": "TALOS-2023-1887",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2023-028331",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-16604",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16604"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-028331"
},
{
"db": "NVD",
"id": "CVE-2023-48725"
}
]
},
"id": "VAR-202403-0574",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16604"
}
],
"trust": 0.93559114
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16604"
}
]
},
"last_update_date": "2025-11-18T15:22:49.437000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for NETGEAR RAX30 getblockschedule buffer overflow vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/710996"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16604"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-121",
"trust": 1.0
},
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "Stack-based buffer overflow (CWE-121) [ others ]",
"trust": 0.8
},
{
"problemtype": " Out-of-bounds writing (CWE-787) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-028331"
},
{
"db": "NVD",
"id": "CVE-2023-48725"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2023-1887"
},
{
"trust": 1.8,
"url": "https://kb.netgear.com/000066037/security-advisory-for-post-authentication-stack-overflow-on-the-rax30-psv-2023-0160"
},
{
"trust": 1.0,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2023-1887"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-48725"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16604"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-028331"
},
{
"db": "NVD",
"id": "CVE-2023-48725"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-16604"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-028331"
},
{
"db": "NVD",
"id": "CVE-2023-48725"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-07-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-16604"
},
{
"date": "2025-03-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-028331"
},
{
"date": "2024-03-07T15:15:07.733000",
"db": "NVD",
"id": "CVE-2023-48725"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-07-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-16604"
},
{
"date": "2025-03-13T00:45:00",
"db": "JVNDB",
"id": "JVNDB-2023-028331"
},
{
"date": "2025-11-04T19:16:07.370000",
"db": "NVD",
"id": "CVE-2023-48725"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX30\u00a0 Out-of-bounds write vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-028331"
}
],
"trust": 0.8
}
}
VAR-202303-0823
Vulnerability from variot - Updated: 2025-09-08 23:26NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 is vulnerable to cross-site request forgery attacks on all endpoints due to improperly implemented CSRF protections. (DoS) It may be in a state. The NETGEAR Nighthawk WiFi 6 Router is a series of WiFi 6-enabled routers from NETGEAR, designed for users seeking a high-speed internet experience. Detailed vulnerability details are not available at this time
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202303-0823",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.94"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax30 firmware 1.0.10.94"
},
{
"model": "rax30",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "nighthawk wifi6 router",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.10.94"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-20499"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005146"
},
{
"db": "NVD",
"id": "CVE-2023-1205"
}
]
},
"cve": "CVE-2023-1205",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2025-20499",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2023-1205",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-1205",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2023-1205",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2023-1205",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2023-1205",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2025-20499",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202303-828",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-20499"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-828"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005146"
},
{
"db": "NVD",
"id": "CVE-2023-1205"
},
{
"db": "NVD",
"id": "CVE-2023-1205"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 is vulnerable to cross-site request forgery attacks on all endpoints due to improperly implemented CSRF protections. (DoS) It may be in a state. The NETGEAR Nighthawk WiFi 6 Router is a series of WiFi 6-enabled routers from NETGEAR, designed for users seeking a high-speed internet experience. Detailed vulnerability details are not available at this time",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-1205"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005146"
},
{
"db": "CNVD",
"id": "CNVD-2025-20499"
},
{
"db": "VULMON",
"id": "CVE-2023-1205"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-1205",
"trust": 3.9
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005146",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-20499",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202303-828",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-1205",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-20499"
},
{
"db": "VULMON",
"id": "CVE-2023-1205"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-828"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005146"
},
{
"db": "NVD",
"id": "CVE-2023-1205"
}
]
},
"id": "VAR-202303-0823",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-20499"
}
],
"trust": 0.93559114
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-20499"
}
]
},
"last_update_date": "2025-09-08T23:26:05.426000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for NETGEAR Nighthawk WiFi6 Router Cross-Site Request Forgery Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/726596"
},
{
"title": "NETGEAR Nighthawk Fixes for cross-site request forgery vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=229326"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-20499"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-828"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.0
},
{
"problemtype": "Cross-site request forgery (CWE-352) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-005146"
},
{
"db": "NVD",
"id": "CVE-2023-1205"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://tenable.com/security/research/tra-2023-9"
},
{
"trust": 1.2,
"url": "https://cxsecurity.com/cveshow/cve-2023-1205/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-1205"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-20499"
},
{
"db": "VULMON",
"id": "CVE-2023-1205"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-828"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005146"
},
{
"db": "NVD",
"id": "CVE-2023-1205"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-20499"
},
{
"db": "VULMON",
"id": "CVE-2023-1205"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-828"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005146"
},
{
"db": "NVD",
"id": "CVE-2023-1205"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-09-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-20499"
},
{
"date": "2023-03-10T00:00:00",
"db": "VULMON",
"id": "CVE-2023-1205"
},
{
"date": "2023-03-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202303-828"
},
{
"date": "2023-11-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-005146"
},
{
"date": "2023-03-10T18:15:16.623000",
"db": "NVD",
"id": "CVE-2023-1205"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-09-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-20499"
},
{
"date": "2023-03-10T00:00:00",
"db": "VULMON",
"id": "CVE-2023-1205"
},
{
"date": "2023-03-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202303-828"
},
{
"date": "2023-11-07T02:40:00",
"db": "JVNDB",
"id": "JVNDB-2023-005146"
},
{
"date": "2025-02-28T17:15:13.583000",
"db": "NVD",
"id": "CVE-2023-1205"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202303-828"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX30\u00a0 Cross-site request forgery vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-005146"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202303-828"
}
],
"trust": 0.6
}
}
VAR-202212-1500
Vulnerability from variot - Updated: 2025-09-08 23:14The default console presented to users over telnet (when enabled) is restricted to a subset of commands. Commands issued at this console, however, appear to be fed directly into a system call or other similar function. This allows any authenticated user to execute arbitrary commands on the device. RAX30 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The NETGEAR Nighthawk WiFi 6 Router is a series of WiFi 6-enabled routers from NETGEAR, designed for users seeking a high-speed internet experience.
The NETGEAR Nighthawk WiFi 6 Router contains a command injection vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202212-1500",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.9.90"
},
{
"model": "rax30",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax30 firmware"
},
{
"model": "nighthawk wifi6 router",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.10.94"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-20500"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003661"
},
{
"db": "NVD",
"id": "CVE-2022-47210"
}
]
},
"cve": "CVE-2022-47210",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.1,
"id": "CNVD-2025-20500",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2022-47210",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2022-47210",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-47210",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2022-47210",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2022-47210",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2025-20500",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202212-3433",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-20500"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-3433"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003661"
},
{
"db": "NVD",
"id": "CVE-2022-47210"
},
{
"db": "NVD",
"id": "CVE-2022-47210"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The default console presented to users over telnet (when enabled) is restricted to a subset of commands. Commands issued at this console, however, appear to be fed directly into a system call or other similar function. This allows any authenticated user to execute arbitrary commands on the device. RAX30 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The NETGEAR Nighthawk WiFi 6 Router is a series of WiFi 6-enabled routers from NETGEAR, designed for users seeking a high-speed internet experience. \n\nThe NETGEAR Nighthawk WiFi 6 Router contains a command injection vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-47210"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003661"
},
{
"db": "CNVD",
"id": "CNVD-2025-20500"
},
{
"db": "VULMON",
"id": "CVE-2022-47210"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-47210",
"trust": 3.9
},
{
"db": "TENABLE",
"id": "TRA-2022-37",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003661",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-20500",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202212-3433",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-47210",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-20500"
},
{
"db": "VULMON",
"id": "CVE-2022-47210"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-3433"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003661"
},
{
"db": "NVD",
"id": "CVE-2022-47210"
}
]
},
"id": "VAR-202212-1500",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-20500"
}
],
"trust": 0.93559114
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-20500"
}
]
},
"last_update_date": "2025-09-08T23:14:27.327000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "top page",
"trust": 0.8,
"url": "https://www.netgear.com/jp/"
},
{
"title": "Patch for NETGEAR Nighthawk WiFi6 Router Command Injection Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/726601"
},
{
"title": "NETGEAR Nighthawk Fixes for command injection vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=219379"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-20500"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-3433"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003661"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "Command injection (CWE-77) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-003661"
},
{
"db": "NVD",
"id": "CVE-2022-47210"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.tenable.com/security/research/tra-2022-37"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-47210"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-47210/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-20500"
},
{
"db": "VULMON",
"id": "CVE-2022-47210"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-3433"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003661"
},
{
"db": "NVD",
"id": "CVE-2022-47210"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-20500"
},
{
"db": "VULMON",
"id": "CVE-2022-47210"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-3433"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003661"
},
{
"db": "NVD",
"id": "CVE-2022-47210"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-09-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-20500"
},
{
"date": "2022-12-16T00:00:00",
"db": "VULMON",
"id": "CVE-2022-47210"
},
{
"date": "2022-12-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202212-3433"
},
{
"date": "2023-03-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-003661"
},
{
"date": "2022-12-16T20:15:09.003000",
"db": "NVD",
"id": "CVE-2022-47210"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-09-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-20500"
},
{
"date": "2022-12-16T00:00:00",
"db": "VULMON",
"id": "CVE-2022-47210"
},
{
"date": "2022-12-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202212-3433"
},
{
"date": "2023-03-03T02:29:00",
"db": "JVNDB",
"id": "JVNDB-2022-003661"
},
{
"date": "2025-04-17T19:15:54.927000",
"db": "NVD",
"id": "CVE-2022-47210"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-3433"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "RAX30\u00a0 Command injection vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-003661"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "command injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-3433"
}
],
"trust": 0.6
}
}
VAR-202212-1499
Vulnerability from variot - Updated: 2025-09-08 23:14A support user exists on the device and appears to be a backdoor for Technical Support staff. The default password for this account is “support” and cannot be changed by a user via any normally accessible means. of netgear RAX30 An authentication vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The NETGEAR Nighthawk WiFi 6 Router is a series of WiFi 6-enabled routers from NETGEAR, designed for users seeking a high-speed internet experience.
The NETGEAR Nighthawk WiFi 6 Router has an authorization vulnerability caused by the presence of four default user accounts on the device. Detailed vulnerability details are not available at this time
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202212-1499",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.9.90"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax30 firmware 1.0.9.90"
},
{
"model": "nighthawk wifi6 router",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.9.90"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-20501"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-023959"
},
{
"db": "NVD",
"id": "CVE-2022-47209"
}
]
},
"cve": "CVE-2022-47209",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CNVD-2025-20501",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2022-47209",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2022-47209",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-47209",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2022-47209",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2022-47209",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2025-20501",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202212-3434",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-20501"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-3434"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-023959"
},
{
"db": "NVD",
"id": "CVE-2022-47209"
},
{
"db": "NVD",
"id": "CVE-2022-47209"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A support user exists on the device and appears to be a backdoor for Technical Support staff. The default password for this account is \u201csupport\u201d and cannot be changed by a user via any normally accessible means. of netgear RAX30 An authentication vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The NETGEAR Nighthawk WiFi 6 Router is a series of WiFi 6-enabled routers from NETGEAR, designed for users seeking a high-speed internet experience. \n\nThe NETGEAR Nighthawk WiFi 6 Router has an authorization vulnerability caused by the presence of four default user accounts on the device. Detailed vulnerability details are not available at this time",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-47209"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-023959"
},
{
"db": "CNVD",
"id": "CNVD-2025-20501"
},
{
"db": "VULMON",
"id": "CVE-2022-47209"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-47209",
"trust": 3.9
},
{
"db": "TENABLE",
"id": "TRA-2022-37",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2022-023959",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-20501",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202212-3434",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-47209",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-20501"
},
{
"db": "VULMON",
"id": "CVE-2022-47209"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-3434"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-023959"
},
{
"db": "NVD",
"id": "CVE-2022-47209"
}
]
},
"id": "VAR-202212-1499",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-20501"
}
],
"trust": 0.93559114
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-20501"
}
]
},
"last_update_date": "2025-09-08T23:14:27.291000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for NETGEAR Nighthawk WiFi6 Router Authorization Issue Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/726606"
},
{
"title": "NETGEAR Nighthawk WiFi6 Router Repair measures for trust management problem vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=219183"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-20501"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-3434"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.0
},
{
"problemtype": "Inappropriate authentication (CWE-287) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-023959"
},
{
"db": "NVD",
"id": "CVE-2022-47209"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.tenable.com/security/research/tra-2022-37"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-47209"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-47209/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-20501"
},
{
"db": "VULMON",
"id": "CVE-2022-47209"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-3434"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-023959"
},
{
"db": "NVD",
"id": "CVE-2022-47209"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-20501"
},
{
"db": "VULMON",
"id": "CVE-2022-47209"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-3434"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-023959"
},
{
"db": "NVD",
"id": "CVE-2022-47209"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-09-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-20501"
},
{
"date": "2022-12-16T00:00:00",
"db": "VULMON",
"id": "CVE-2022-47209"
},
{
"date": "2022-12-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202212-3434"
},
{
"date": "2023-11-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-023959"
},
{
"date": "2022-12-16T20:15:08.940000",
"db": "NVD",
"id": "CVE-2022-47209"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-09-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-20501"
},
{
"date": "2022-12-16T00:00:00",
"db": "VULMON",
"id": "CVE-2022-47209"
},
{
"date": "2022-12-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202212-3434"
},
{
"date": "2023-11-30T04:39:00",
"db": "JVNDB",
"id": "JVNDB-2022-023959"
},
{
"date": "2025-04-17T19:15:54.770000",
"db": "NVD",
"id": "CVE-2022-47209"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-3434"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX30\u00a0 Authentication vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-023959"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-3434"
}
],
"trust": 0.6
}
}
VAR-202507-2548
Vulnerability from variot - Updated: 2025-08-10 23:12In Netgear RAX30 V1.0.10.94, a PHP-FPM misconfiguration vulnerability is caused by not following the specification to only limit FPM to .php extensions. An attacker may exploit this by uploading malicious scripts disguised with alternate extensions and tricking the web server into executing them as PHP, bypassing security mechanisms based on file extension filtering. This may lead to remote code execution (RCE), information disclosure, or full system compromise. of netgear RAX30 Firmware has an unrestricted upload of dangerous file types vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX30 is a dual-band wireless router from NETGEAR
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202507-2548",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax30",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.94"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax30 firmware 1.0.10.94"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.10.94"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16868"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-011053"
},
{
"db": "NVD",
"id": "CVE-2025-44658"
}
]
},
"cve": "CVE-2025-44658",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2025-16868",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2025-44658",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2025-011053",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2025-44658",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "OTHER",
"id": "JVNDB-2025-011053",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2025-16868",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16868"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-011053"
},
{
"db": "NVD",
"id": "CVE-2025-44658"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In Netgear RAX30 V1.0.10.94, a PHP-FPM misconfiguration vulnerability is caused by not following the specification to only limit FPM to .php extensions. An attacker may exploit this by uploading malicious scripts disguised with alternate extensions and tricking the web server into executing them as PHP, bypassing security mechanisms based on file extension filtering. This may lead to remote code execution (RCE), information disclosure, or full system compromise. of netgear RAX30 Firmware has an unrestricted upload of dangerous file types vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX30 is a dual-band wireless router from NETGEAR",
"sources": [
{
"db": "NVD",
"id": "CVE-2025-44658"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-011053"
},
{
"db": "CNVD",
"id": "CNVD-2025-16868"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2025-44658",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2025-011053",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-16868",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16868"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-011053"
},
{
"db": "NVD",
"id": "CVE-2025-44658"
}
]
},
"id": "VAR-202507-2548",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16868"
}
],
"trust": 0.93559114
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16868"
}
]
},
"last_update_date": "2025-08-10T23:12:09.495000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Netgear RAX30 has an unspecified vulnerability (CNVD-2025-16868)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/712676"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16868"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-434",
"trust": 1.0
},
{
"problemtype": "Unlimited uploads of dangerous types of files (CWE-434) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-011053"
},
{
"db": "NVD",
"id": "CVE-2025-44658"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.8,
"url": "https://www.notion.so/cve-2025-44658-24754a1113e780df8f72c779a108f75b"
},
{
"trust": 1.6,
"url": "https://gist.github.com/tpcchecker/c72eea7a3f89070dab7dfdbf7504b2d6"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2025-44658"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16868"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-011053"
},
{
"db": "NVD",
"id": "CVE-2025-44658"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-16868"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-011053"
},
{
"db": "NVD",
"id": "CVE-2025-44658"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-07-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-16868"
},
{
"date": "2025-08-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2025-011053"
},
{
"date": "2025-07-21T16:15:29.560000",
"db": "NVD",
"id": "CVE-2025-44658"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-07-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-16868"
},
{
"date": "2025-08-08T08:14:00",
"db": "JVNDB",
"id": "JVNDB-2025-011053"
},
{
"date": "2025-08-07T17:57:40.350000",
"db": "NVD",
"id": "CVE-2025-44658"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX30\u00a0 Unrestricted Upload of Dangerous File Types Vulnerability in Firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-011053"
}
],
"trust": 0.8
}
}
VAR-202507-2583
Vulnerability from variot - Updated: 2025-08-07 23:29In Netgear RAX30 V1.0.10.94_3, the USERLIMIT_GLOBAL option is set to 0 in multiple bftpd-related configuration files. This can cause DoS attacks when unlimited users are connected. NETGEAR RAX30 is a dual-band wireless router from NETGEAR.
NETGEAR RAX30 V1.0.10.94_3 has a security vulnerability that can be exploited by attackers to cause a denial of service attack
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202507-2583",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax30",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.10.94"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16867"
}
]
},
"cve": "CVE-2025-44652",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2025-16867",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2025-44652",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2025-44652",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2025-16867",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16867"
},
{
"db": "NVD",
"id": "CVE-2025-44652"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In Netgear RAX30 V1.0.10.94_3, the USERLIMIT_GLOBAL option is set to 0 in multiple bftpd-related configuration files. This can cause DoS attacks when unlimited users are connected. NETGEAR RAX30 is a dual-band wireless router from NETGEAR. \n\nNETGEAR RAX30 V1.0.10.94_3 has a security vulnerability that can be exploited by attackers to cause a denial of service attack",
"sources": [
{
"db": "NVD",
"id": "CVE-2025-44652"
},
{
"db": "CNVD",
"id": "CNVD-2025-16867"
}
],
"trust": 1.44
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2025-44652",
"trust": 1.6
},
{
"db": "CNVD",
"id": "CNVD-2025-16867",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16867"
},
{
"db": "NVD",
"id": "CVE-2025-44652"
}
]
},
"id": "VAR-202507-2583",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16867"
}
],
"trust": 0.93559114
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16867"
}
]
},
"last_update_date": "2025-08-07T23:29:15.130000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for NETGEAR RAX30 has an unspecified vulnerability (CNVD-2025-16867)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/712681"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16867"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-770",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2025-44652"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://gist.github.com/tpcchecker/cb4549b7689727efeb24de0802c0fde3"
},
{
"trust": 1.0,
"url": "https://www.notion.so/cve-2025-44652-24754a1113e78003909afbd6f7fd707b"
},
{
"trust": 1.0,
"url": "https://www.netgear.com/about/security/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16867"
},
{
"db": "NVD",
"id": "CVE-2025-44652"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-16867"
},
{
"db": "NVD",
"id": "CVE-2025-44652"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-07-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-16867"
},
{
"date": "2025-07-21T18:15:27.703000",
"db": "NVD",
"id": "CVE-2025-44652"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-07-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-16867"
},
{
"date": "2025-08-07T14:15:43.157000",
"db": "NVD",
"id": "CVE-2025-44652"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR RAX30 has an unspecified vulnerability (CNVD-2025-16867)",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16867"
}
],
"trust": 0.6
}
}
VAR-202303-0935
Vulnerability from variot - Updated: 2025-07-26 23:23Netgear RAX30 (AX2400), prior to version 1.0.6.74, was affected by an authentication bypass vulnerability, allowing an unauthenticated attacker to gain administrative access to the device's web management interface by resetting the admin password. of netgear RAX30 An authentication vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX30 (AX2400) is a wireless router that supports WiFi 6 technology and provides a wireless transmission speed of up to 2.4Gbps, which is suitable for high-bandwidth demand scenarios such as 4K streaming and gaming
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202303-0935",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax30",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.6.74"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax30 firmware 1.0.6.74"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16680"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005408"
},
{
"db": "NVD",
"id": "CVE-2023-1327"
}
]
},
"cve": "CVE-2023-1327",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2025-16680",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2023-1327",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-1327",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2023-1327",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2023-1327",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2025-16680",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202303-1097",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16680"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005408"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-1097"
},
{
"db": "NVD",
"id": "CVE-2023-1327"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear RAX30 (AX2400), prior to version 1.0.6.74, was affected by an authentication bypass vulnerability, allowing an unauthenticated attacker to gain administrative access to the device\u0027s web management interface by resetting the admin password. of netgear RAX30 An authentication vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX30 (AX2400) is a wireless router that supports WiFi 6 technology and provides a wireless transmission speed of up to 2.4Gbps, which is suitable for high-bandwidth demand scenarios such as 4K streaming and gaming",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-1327"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005408"
},
{
"db": "CNVD",
"id": "CNVD-2025-16680"
},
{
"db": "VULMON",
"id": "CVE-2023-1327"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-1327",
"trust": 3.9
},
{
"db": "TENABLE",
"id": "TRA-2023-10",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005408",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-16680",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202303-1097",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-1327",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16680"
},
{
"db": "VULMON",
"id": "CVE-2023-1327"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005408"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-1097"
},
{
"db": "NVD",
"id": "CVE-2023-1327"
}
]
},
"id": "VAR-202303-0935",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16680"
}
],
"trust": 0.93559114
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16680"
}
]
},
"last_update_date": "2025-07-26T23:23:28.728000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for NETGEAR RAX30 (AX2400) Authentication Bypass Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/711326"
},
{
"title": "NETGEAR RAX30 Remediation measures for authorization problem vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=229739"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16680"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-1097"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.0
},
{
"problemtype": "Inappropriate authentication (CWE-287) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-005408"
},
{
"db": "NVD",
"id": "CVE-2023-1327"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://github.com/advisories/ghsa-pvxx-rv48-qw5m"
},
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-1327"
},
{
"trust": 1.7,
"url": "https://drupal9.tenable.com/security/research/tra-2023-10"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-1327/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16680"
},
{
"db": "VULMON",
"id": "CVE-2023-1327"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005408"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-1097"
},
{
"db": "NVD",
"id": "CVE-2023-1327"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-16680"
},
{
"db": "VULMON",
"id": "CVE-2023-1327"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005408"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-1097"
},
{
"db": "NVD",
"id": "CVE-2023-1327"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-07-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-16680"
},
{
"date": "2023-03-14T00:00:00",
"db": "VULMON",
"id": "CVE-2023-1327"
},
{
"date": "2023-11-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-005408"
},
{
"date": "2023-03-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202303-1097"
},
{
"date": "2023-03-14T22:15:10.367000",
"db": "NVD",
"id": "CVE-2023-1327"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-07-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-16680"
},
{
"date": "2023-03-15T00:00:00",
"db": "VULMON",
"id": "CVE-2023-1327"
},
{
"date": "2023-11-08T03:19:00",
"db": "JVNDB",
"id": "JVNDB-2023-005408"
},
{
"date": "2023-03-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202303-1097"
},
{
"date": "2023-03-21T17:59:23.193000",
"db": "NVD",
"id": "CVE-2023-1327"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202303-1097"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX30\u00a0 Authentication vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-005408"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202303-1097"
}
],
"trust": 0.6
}
}
VAR-202406-0058
Vulnerability from variot - Updated: 2025-07-23 23:20NETGEAR RAX30 Improper Certificate Validation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the downloading of files via HTTPS. The issue results from the lack of proper validation of the certificate presented by the server. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-19589. (DoS) It may be in a state. NETGEAR RAX30 is a WiFi 6 router launched by NETGEAR. It supports dual bands (2.4GHz and 5GHz), has a maximum transmission rate of 2400Mbps, uses three external antennas, is equipped with a 1.5GHz triple-core processor, and can connect 20 devices at the same time.
NETGEAR RAX30 has a trust management problem vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202406-0058",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.12.100_hotfix"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax30 firmware 1.0.12.100 hotfix"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": null,
"trust": 0.7,
"vendor": "netgear",
"version": null
},
{
"model": "rax30 \u003c1.0.12.100 hotfix",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-24-583"
},
{
"db": "CNVD",
"id": "CNVD-2025-16597"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027728"
},
{
"db": "NVD",
"id": "CVE-2023-51634"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Neodyme",
"sources": [
{
"db": "ZDI",
"id": "ZDI-24-583"
}
],
"trust": 0.7
},
"cve": "CVE-2023-51634",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.2,
"id": "CNVD-2025-16597",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"id": "CVE-2023-51634",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"id": "CVE-2023-51634",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"id": "CVE-2023-51634",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-51634",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2023-51634",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2023-51634",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2023-51634",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2025-16597",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-24-583"
},
{
"db": "CNVD",
"id": "CNVD-2025-16597"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027728"
},
{
"db": "NVD",
"id": "CVE-2023-51634"
},
{
"db": "NVD",
"id": "CVE-2023-51634"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR RAX30 Improper Certificate Validation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the downloading of files via HTTPS. The issue results from the lack of proper validation of the certificate presented by the server. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-19589. (DoS) It may be in a state. NETGEAR RAX30 is a WiFi 6 router launched by NETGEAR. It supports dual bands (2.4GHz and 5GHz), has a maximum transmission rate of 2400Mbps, uses three external antennas, is equipped with a 1.5GHz triple-core processor, and can connect 20 devices at the same time. \n\nNETGEAR RAX30 has a trust management problem vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-51634"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027728"
},
{
"db": "ZDI",
"id": "ZDI-24-583"
},
{
"db": "CNVD",
"id": "CNVD-2025-16597"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-51634",
"trust": 3.9
},
{
"db": "ZDI",
"id": "ZDI-24-583",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027728",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-19589",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2025-16597",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-24-583"
},
{
"db": "CNVD",
"id": "CNVD-2025-16597"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027728"
},
{
"db": "NVD",
"id": "CVE-2023-51634"
}
]
},
"id": "VAR-202406-0058",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16597"
}
],
"trust": 0.93559114
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16597"
}
]
},
"last_update_date": "2025-07-23T23:20:01.976000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://kb.netgear.com/000065928/Security-Advisory-for-Multiple-Vulnerabilities-on-the-RAX30-PSV-2023-0139"
},
{
"title": "Patch for NETGEAR RAX30 Trust Management Issue Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/710961"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-24-583"
},
{
"db": "CNVD",
"id": "CNVD-2025-16597"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-295",
"trust": 1.0
},
{
"problemtype": "Illegal certificate verification (CWE-295) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027728"
},
{
"db": "NVD",
"id": "CVE-2023-51634"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://kb.netgear.com/000065928/security-advisory-for-multiple-vulnerabilities-on-the-rax30-psv-2023-0139"
},
{
"trust": 1.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-24-583/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-51634"
},
{
"trust": 0.6,
"url": "https://kb.netgear.com/000065928/security-advisory-for-multiple-vulnerabilities-on-the-rax30-psv-2023-0139https"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-24-583"
},
{
"db": "CNVD",
"id": "CNVD-2025-16597"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027728"
},
{
"db": "NVD",
"id": "CVE-2023-51634"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-24-583"
},
{
"db": "CNVD",
"id": "CNVD-2025-16597"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027728"
},
{
"db": "NVD",
"id": "CVE-2023-51634"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-06-10T00:00:00",
"db": "ZDI",
"id": "ZDI-24-583"
},
{
"date": "2025-07-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-16597"
},
{
"date": "2025-01-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-027728"
},
{
"date": "2024-11-22T20:15:06.050000",
"db": "NVD",
"id": "CVE-2023-51634"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-07-01T00:00:00",
"db": "ZDI",
"id": "ZDI-24-583"
},
{
"date": "2025-07-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-16597"
},
{
"date": "2025-01-06T09:04:00",
"db": "JVNDB",
"id": "JVNDB-2023-027728"
},
{
"date": "2025-01-03T16:40:16.203000",
"db": "NVD",
"id": "CVE-2023-51634"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX30\u00a0 Certificate validation vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027728"
}
],
"trust": 0.8
}
}
VAR-202306-0577
Vulnerability from variot - Updated: 2025-07-23 23:10NETGEAR RAX30 USB Share Link Following Information Disclosure Vulnerability. This vulnerability allows physically present attackers to disclose sensitive information on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of symbolic links on removable USB media. By creating a symbolic link, an attacker can abuse the router's web server to access arbitrary local files. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-19498. NETGEAR RAX30 is a WiFi 6 router launched by NETGEAR. It supports dual bands (2.4GHz and 5GHz), has a maximum transmission rate of 2400Mbps, uses three external antennas, is equipped with a 1.5GHz triple-core processor, and can connect 20 devices at the same time
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202306-0577",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax30",
"scope": null,
"trust": 1.3,
"vendor": "netgear",
"version": null
},
{
"model": "rax30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.94"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax30 firmware 1.0.10.94"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-837"
},
{
"db": "CNVD",
"id": "CNVD-2025-16598"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027732"
},
{
"db": "NVD",
"id": "CVE-2023-34283"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dmitry \"InfoSecDJ\" Janushkevich of Trend Micro Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-837"
}
],
"trust": 0.7
},
"cve": "CVE-2023-34283",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2025-16598",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2023-34283",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2023-34283",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2023-34283",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-34283",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2023-34283",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2023-34283",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2023-34283",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2025-16598",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-837"
},
{
"db": "CNVD",
"id": "CNVD-2025-16598"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027732"
},
{
"db": "NVD",
"id": "CVE-2023-34283"
},
{
"db": "NVD",
"id": "CVE-2023-34283"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR RAX30 USB Share Link Following Information Disclosure Vulnerability. This vulnerability allows physically present attackers to disclose sensitive information on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the handling of symbolic links on removable USB media. By creating a symbolic link, an attacker can abuse the router\u0027s web server to access arbitrary local files. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-19498. NETGEAR RAX30 is a WiFi 6 router launched by NETGEAR. It supports dual bands (2.4GHz and 5GHz), has a maximum transmission rate of 2400Mbps, uses three external antennas, is equipped with a 1.5GHz triple-core processor, and can connect 20 devices at the same time",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-34283"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027732"
},
{
"db": "ZDI",
"id": "ZDI-23-837"
},
{
"db": "CNVD",
"id": "CNVD-2025-16598"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-34283",
"trust": 3.9
},
{
"db": "ZDI",
"id": "ZDI-23-837",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027732",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-19498",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2025-16598",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-837"
},
{
"db": "CNVD",
"id": "CNVD-2025-16598"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027732"
},
{
"db": "NVD",
"id": "CVE-2023-34283"
}
]
},
"id": "VAR-202306-0577",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16598"
}
],
"trust": 0.93559114
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-16598"
}
]
},
"last_update_date": "2025-07-23T23:10:42.400000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://kb.netgear.com/000065650/Security-Advisory-for-Multiple-Vulnerabilities-on-the-RAX30-PSV-2023-0003-PSV-2023-0004?article=000065650"
},
{
"title": "Patch for NETGEAR RAX30 Information Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/710966"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-837"
},
{
"db": "CNVD",
"id": "CNVD-2025-16598"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-59",
"trust": 1.0
},
{
"problemtype": "Link interpretation problem (CWE-59) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": " Link interpretation problem (CWE-59) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027732"
},
{
"db": "NVD",
"id": "CVE-2023-34283"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://kb.netgear.com/000065650/security-advisory-for-multiple-vulnerabilities-on-the-rax30-psv-2023-0003-psv-2023-0004?article=000065650"
},
{
"trust": 1.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-23-837/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-34283"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2023-34283"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-837"
},
{
"db": "CNVD",
"id": "CNVD-2025-16598"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027732"
},
{
"db": "NVD",
"id": "CVE-2023-34283"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-837"
},
{
"db": "CNVD",
"id": "CNVD-2025-16598"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027732"
},
{
"db": "NVD",
"id": "CVE-2023-34283"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-06-08T00:00:00",
"db": "ZDI",
"id": "ZDI-23-837"
},
{
"date": "2025-07-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-16598"
},
{
"date": "2025-01-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-027732"
},
{
"date": "2024-05-03T02:15:27.813000",
"db": "NVD",
"id": "CVE-2023-34283"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-06-08T00:00:00",
"db": "ZDI",
"id": "ZDI-23-837"
},
{
"date": "2025-07-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-16598"
},
{
"date": "2025-01-06T09:04:00",
"db": "JVNDB",
"id": "JVNDB-2023-027732"
},
{
"date": "2025-01-03T17:03:08.457000",
"db": "NVD",
"id": "CVE-2023-34283"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX30\u00a0 Link interpretation vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027732"
}
],
"trust": 0.8
}
}
VAR-202303-0879
Vulnerability from variot - Updated: 2025-06-25 23:24NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a format string vulnerability in a SOAP service that could allow an attacker to execute arbitrary code on the device. of netgear RAX30 Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR Nighthawk WiFi6 Router is a series of wireless routers from NETGEAR. Attackers can exploit this vulnerability to execute arbitrary code
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202303-0879",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.94"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax30 firmware 1.0.10.94"
},
{
"model": "rax30",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "nighthawk wifi6 router",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.10.94"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13351"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005281"
},
{
"db": "NVD",
"id": "CVE-2023-27853"
}
]
},
"cve": "CVE-2023-27853",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2025-13351",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2023-27853",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-27853",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2023-27853",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2023-27853",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2023-27853",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2025-13351",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202303-768",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13351"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005281"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-768"
},
{
"db": "NVD",
"id": "CVE-2023-27853"
},
{
"db": "NVD",
"id": "CVE-2023-27853"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a format string vulnerability in a SOAP service that could allow an attacker to execute arbitrary code on the device. of netgear RAX30 Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR Nighthawk WiFi6 Router is a series of wireless routers from NETGEAR. Attackers can exploit this vulnerability to execute arbitrary code",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-27853"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005281"
},
{
"db": "CNVD",
"id": "CNVD-2025-13351"
},
{
"db": "VULMON",
"id": "CVE-2023-27853"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-27853",
"trust": 3.9
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005281",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-13351",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202303-768",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-27853",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13351"
},
{
"db": "VULMON",
"id": "CVE-2023-27853"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005281"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-768"
},
{
"db": "NVD",
"id": "CVE-2023-27853"
}
]
},
"id": "VAR-202303-0879",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13351"
}
],
"trust": 0.93559114
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13351"
}
]
},
"last_update_date": "2025-06-25T23:24:13.344000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for NETGEAR Nighthawk WiFi6 Router Code Execution Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/700451"
},
{
"title": "NETGEAR Nighthawk Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=229445"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13351"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-768"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-005281"
},
{
"db": "NVD",
"id": "CVE-2023-27853"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://tenable.com/security/research/tra-2023-9"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-27853"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-27853/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13351"
},
{
"db": "VULMON",
"id": "CVE-2023-27853"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005281"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-768"
},
{
"db": "NVD",
"id": "CVE-2023-27853"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-13351"
},
{
"db": "VULMON",
"id": "CVE-2023-27853"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005281"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-768"
},
{
"db": "NVD",
"id": "CVE-2023-27853"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-06-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-13351"
},
{
"date": "2023-03-10T00:00:00",
"db": "VULMON",
"id": "CVE-2023-27853"
},
{
"date": "2023-11-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-005281"
},
{
"date": "2023-03-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202303-768"
},
{
"date": "2023-03-10T18:15:17.383000",
"db": "NVD",
"id": "CVE-2023-27853"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-13351"
},
{
"date": "2023-03-10T00:00:00",
"db": "VULMON",
"id": "CVE-2023-27853"
},
{
"date": "2023-11-07T06:22:00",
"db": "JVNDB",
"id": "JVNDB-2023-005281"
},
{
"date": "2023-03-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202303-768"
},
{
"date": "2025-02-27T22:15:36.497000",
"db": "NVD",
"id": "CVE-2023-27853"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202303-768"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX30\u00a0 Classic buffer overflow vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-005281"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202303-768"
}
],
"trust": 0.6
}
}
VAR-202303-0770
Vulnerability from variot - Updated: 2025-06-25 23:16NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sharing mechanism that unintentionally allows users with upload permissions to execute arbitrary code on the device. of netgear RAX30 There are unspecified vulnerabilities in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR Nighthawk WiFi6 Router is a series of wireless routers from NETGEAR.
NETGEAR Nighthawk WiFi6 Router has a code execution vulnerability. The vulnerability is due to the file sharing mechanism contained in the device. Attackers can exploit this vulnerability to execute arbitrary code
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202303-0770",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.94"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax30 firmware 1.0.10.94"
},
{
"model": "rax30",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "nighthawk wifi6 router",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.10.94"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13353"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005284"
},
{
"db": "NVD",
"id": "CVE-2023-27851"
}
]
},
"cve": "CVE-2023-27851",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CNVD-2025-13353",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2023-27851",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-27851",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2023-27851",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2023-27851",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2023-27851",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2025-13353",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202303-820",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13353"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005284"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-820"
},
{
"db": "NVD",
"id": "CVE-2023-27851"
},
{
"db": "NVD",
"id": "CVE-2023-27851"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sharing mechanism that unintentionally allows users with upload permissions to execute arbitrary code on the device. of netgear RAX30 There are unspecified vulnerabilities in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR Nighthawk WiFi6 Router is a series of wireless routers from NETGEAR. \n\nNETGEAR Nighthawk WiFi6 Router has a code execution vulnerability. The vulnerability is due to the file sharing mechanism contained in the device. Attackers can exploit this vulnerability to execute arbitrary code",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-27851"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005284"
},
{
"db": "CNVD",
"id": "CNVD-2025-13353"
},
{
"db": "VULMON",
"id": "CVE-2023-27851"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-27851",
"trust": 3.9
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005284",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-13353",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202303-820",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-27851",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13353"
},
{
"db": "VULMON",
"id": "CVE-2023-27851"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005284"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-820"
},
{
"db": "NVD",
"id": "CVE-2023-27851"
}
]
},
"id": "VAR-202303-0770",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13353"
}
],
"trust": 0.93559114
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13353"
}
]
},
"last_update_date": "2025-06-25T23:16:34.311000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for NETGEAR Nighthawk WiFi6 Router Code Execution Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/700461"
},
{
"title": "NETGEAR Nighthawk Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=229462"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13353"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-820"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-005284"
},
{
"db": "NVD",
"id": "CVE-2023-27851"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://tenable.com/security/research/tra-2023-9"
},
{
"trust": 1.2,
"url": "https://cxsecurity.com/cveshow/cve-2023-27851/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-27851"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13353"
},
{
"db": "VULMON",
"id": "CVE-2023-27851"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005284"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-820"
},
{
"db": "NVD",
"id": "CVE-2023-27851"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-13353"
},
{
"db": "VULMON",
"id": "CVE-2023-27851"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005284"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-820"
},
{
"db": "NVD",
"id": "CVE-2023-27851"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-06-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-13353"
},
{
"date": "2023-03-10T00:00:00",
"db": "VULMON",
"id": "CVE-2023-27851"
},
{
"date": "2023-11-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-005284"
},
{
"date": "2023-03-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202303-820"
},
{
"date": "2023-03-10T18:15:17.080000",
"db": "NVD",
"id": "CVE-2023-27851"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-13353"
},
{
"date": "2023-03-10T00:00:00",
"db": "VULMON",
"id": "CVE-2023-27851"
},
{
"date": "2023-11-07T06:25:00",
"db": "JVNDB",
"id": "JVNDB-2023-005284"
},
{
"date": "2023-03-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202303-820"
},
{
"date": "2025-02-27T22:15:36.340000",
"db": "NVD",
"id": "CVE-2023-27851"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202303-820"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX30\u00a0 Firmware vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-005284"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202303-820"
}
],
"trust": 0.6
}
}
VAR-202306-2299
Vulnerability from variot - Updated: 2025-06-25 23:16NETGEAR RAX30 UPnP Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of UPnP port mapping requests. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20429. (DoS) It may be in a state. NETGEAR RAX30 is a wireless router from NETGEAR
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202306-2299",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax30",
"scope": null,
"trust": 1.3,
"vendor": "netgear",
"version": null
},
{
"model": "rax30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.11.96_2_hotfix"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax30 firmware 1.0.11.96 2 hotfix"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-894"
},
{
"db": "CNVD",
"id": "CNVD-2025-13349"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027730"
},
{
"db": "NVD",
"id": "CVE-2023-35722"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-894"
}
],
"trust": 0.7
},
"cve": "CVE-2023-35722",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CNVD-2025-13349",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2023-35722",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2023-35722",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2023-35722",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-35722",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2023-35722",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2023-35722",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2023-35722",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2025-13349",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-894"
},
{
"db": "CNVD",
"id": "CNVD-2025-13349"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027730"
},
{
"db": "NVD",
"id": "CVE-2023-35722"
},
{
"db": "NVD",
"id": "CVE-2023-35722"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR RAX30 UPnP Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the handling of UPnP port mapping requests. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20429. (DoS) It may be in a state. NETGEAR RAX30 is a wireless router from NETGEAR",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-35722"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027730"
},
{
"db": "ZDI",
"id": "ZDI-23-894"
},
{
"db": "CNVD",
"id": "CNVD-2025-13349"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-35722",
"trust": 3.9
},
{
"db": "ZDI",
"id": "ZDI-23-894",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027730",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-20429",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2025-13349",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-894"
},
{
"db": "CNVD",
"id": "CNVD-2025-13349"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027730"
},
{
"db": "NVD",
"id": "CVE-2023-35722"
}
]
},
"id": "VAR-202306-2299",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13349"
}
],
"trust": 0.93559114
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13349"
}
]
},
"last_update_date": "2025-06-25T23:16:33.766000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://kb.netgear.com/000065699/Security-Advisory-for-Pre-Authentication-Command-Injection-on-the-RAX30-PSV-2023-0046"
},
{
"title": "Patch for NETGEAR RAX30 UPnP Command Injection Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/700441"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-894"
},
{
"db": "CNVD",
"id": "CNVD-2025-13349"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": "OS Command injection (CWE-78) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027730"
},
{
"db": "NVD",
"id": "CVE-2023-35722"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://kb.netgear.com/000065699/security-advisory-for-pre-authentication-command-injection-on-the-rax30-psv-2023-0046"
},
{
"trust": 2.4,
"url": "https://www.zerodayinitiative.com/advisories/zdi-23-894/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-35722"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-894"
},
{
"db": "CNVD",
"id": "CNVD-2025-13349"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027730"
},
{
"db": "NVD",
"id": "CVE-2023-35722"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-894"
},
{
"db": "CNVD",
"id": "CNVD-2025-13349"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027730"
},
{
"db": "NVD",
"id": "CVE-2023-35722"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-06-30T00:00:00",
"db": "ZDI",
"id": "ZDI-23-894"
},
{
"date": "2025-06-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-13349"
},
{
"date": "2025-01-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-027730"
},
{
"date": "2024-05-03T02:15:34.983000",
"db": "NVD",
"id": "CVE-2023-35722"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-06-30T00:00:00",
"db": "ZDI",
"id": "ZDI-23-894"
},
{
"date": "2025-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-13349"
},
{
"date": "2025-01-06T09:04:00",
"db": "JVNDB",
"id": "JVNDB-2023-027730"
},
{
"date": "2025-01-03T17:04:45.290000",
"db": "NVD",
"id": "CVE-2023-35722"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX30\u00a0 in the firmware \u00a0OS\u00a0 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027730"
}
],
"trust": 0.8
}
}
VAR-202303-0894
Vulnerability from variot - Updated: 2025-06-25 23:10NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a buffer overflow vulnerability in various CGI mechanisms that could allow an attacker to execute arbitrary code on the device. of netgear RAX30 Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR Nighthawk WiFi6 Router is a series of wireless routers from NETGEAR. Attackers can exploit this vulnerability to execute arbitrary code
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202303-0894",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.94"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax30 firmware 1.0.10.94"
},
{
"model": "rax30",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "nighthawk wifi6 router",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.10.94"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13352"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005282"
},
{
"db": "NVD",
"id": "CVE-2023-27852"
}
]
},
"cve": "CVE-2023-27852",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2025-13352",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2023-27852",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-27852",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2023-27852",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2023-27852",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2023-27852",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2025-13352",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202303-810",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13352"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005282"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-810"
},
{
"db": "NVD",
"id": "CVE-2023-27852"
},
{
"db": "NVD",
"id": "CVE-2023-27852"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a buffer overflow vulnerability in various CGI mechanisms that could allow an attacker to execute arbitrary code on the device. of netgear RAX30 Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR Nighthawk WiFi6 Router is a series of wireless routers from NETGEAR. Attackers can exploit this vulnerability to execute arbitrary code",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-27852"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005282"
},
{
"db": "CNVD",
"id": "CNVD-2025-13352"
},
{
"db": "VULMON",
"id": "CVE-2023-27852"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-27852",
"trust": 3.9
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005282",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-13352",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202303-810",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-27852",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13352"
},
{
"db": "VULMON",
"id": "CVE-2023-27852"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005282"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-810"
},
{
"db": "NVD",
"id": "CVE-2023-27852"
}
]
},
"id": "VAR-202303-0894",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13352"
}
],
"trust": 0.93559114
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13352"
}
]
},
"last_update_date": "2025-06-25T23:10:58.597000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for NETGEAR Nighthawk WiFi6 Router Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/700456"
},
{
"title": "NETGEAR Nighthawk Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=229460"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13352"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-810"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-005282"
},
{
"db": "NVD",
"id": "CVE-2023-27852"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://tenable.com/security/research/tra-2023-9"
},
{
"trust": 1.2,
"url": "https://cxsecurity.com/cveshow/cve-2023-27852/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-27852"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13352"
},
{
"db": "VULMON",
"id": "CVE-2023-27852"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005282"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-810"
},
{
"db": "NVD",
"id": "CVE-2023-27852"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-13352"
},
{
"db": "VULMON",
"id": "CVE-2023-27852"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005282"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-810"
},
{
"db": "NVD",
"id": "CVE-2023-27852"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-06-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-13352"
},
{
"date": "2023-03-10T00:00:00",
"db": "VULMON",
"id": "CVE-2023-27852"
},
{
"date": "2023-11-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-005282"
},
{
"date": "2023-03-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202303-810"
},
{
"date": "2023-03-10T18:15:17.210000",
"db": "NVD",
"id": "CVE-2023-27852"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-13352"
},
{
"date": "2023-03-10T00:00:00",
"db": "VULMON",
"id": "CVE-2023-27852"
},
{
"date": "2023-11-07T06:24:00",
"db": "JVNDB",
"id": "JVNDB-2023-005282"
},
{
"date": "2023-03-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202303-810"
},
{
"date": "2025-02-27T21:15:20.190000",
"db": "NVD",
"id": "CVE-2023-27852"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202303-810"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX30\u00a0 Classic buffer overflow vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-005282"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202303-810"
}
],
"trust": 0.6
}
}
VAR-202305-0024
Vulnerability from variot - Updated: 2025-06-02 23:30NETGEAR RAX30 GetInfo Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of SOAP requests. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose sensitive information, leading to further compromise. Was ZDI-CAN-19608. NETGEAR RAX30 is a dual-band wireless router from NETGEAR
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202305-0024",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax30",
"scope": null,
"trust": 1.3,
"vendor": "netgear",
"version": null
},
{
"model": "rax30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.94"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax30 firmware 1.0.10.94"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-497"
},
{
"db": "CNVD",
"id": "CNVD-2025-11215"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027708"
},
{
"db": "NVD",
"id": "CVE-2023-27357"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Claroty Research - Vera Mens, Noam Moshe, Uri Katz, Sharon Brizinov",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-497"
}
],
"trust": 0.7
},
"cve": "CVE-2023-27357",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CNVD-2025-11215",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2023-27357",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2023-27357",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2023-27357",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-27357",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2023-27357",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2023-27357",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2023-27357",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2025-11215",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-497"
},
{
"db": "CNVD",
"id": "CNVD-2025-11215"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027708"
},
{
"db": "NVD",
"id": "CVE-2023-27357"
},
{
"db": "NVD",
"id": "CVE-2023-27357"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR RAX30 GetInfo Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the handling of SOAP requests. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose sensitive information, leading to further compromise. Was ZDI-CAN-19608. NETGEAR RAX30 is a dual-band wireless router from NETGEAR",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-27357"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027708"
},
{
"db": "ZDI",
"id": "ZDI-23-497"
},
{
"db": "CNVD",
"id": "CNVD-2025-11215"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-27357",
"trust": 3.9
},
{
"db": "ZDI",
"id": "ZDI-23-497",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027708",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-19608",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2025-11215",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-497"
},
{
"db": "CNVD",
"id": "CNVD-2025-11215"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027708"
},
{
"db": "NVD",
"id": "CVE-2023-27357"
}
]
},
"id": "VAR-202305-0024",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11215"
}
],
"trust": 0.93559114
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11215"
}
]
},
"last_update_date": "2025-06-02T23:30:35.429000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://kb.netgear.com/000065619/Security-Advisory-for-Multiple-Vulnerabilities-on-the-RAX30-PSV-2022-0348"
},
{
"title": "Patch for NETGEAR RAX30 Information Disclosure Vulnerability (CNVD-2025-11215)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/692191"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-497"
},
{
"db": "CNVD",
"id": "CNVD-2025-11215"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-306",
"trust": 1.0
},
{
"problemtype": "Lack of authentication for critical features (CWE-306) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": " Lack of authentication for critical features (CWE-306) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027708"
},
{
"db": "NVD",
"id": "CVE-2023-27357"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://kb.netgear.com/000065619/security-advisory-for-multiple-vulnerabilities-on-the-rax30-psv-2022-0348"
},
{
"trust": 1.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-23-497/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-27357"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2023-27357"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-497"
},
{
"db": "CNVD",
"id": "CNVD-2025-11215"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027708"
},
{
"db": "NVD",
"id": "CVE-2023-27357"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-497"
},
{
"db": "CNVD",
"id": "CNVD-2025-11215"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027708"
},
{
"db": "NVD",
"id": "CVE-2023-27357"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-01T00:00:00",
"db": "ZDI",
"id": "ZDI-23-497"
},
{
"date": "2025-05-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11215"
},
{
"date": "2025-01-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-027708"
},
{
"date": "2024-05-03T02:15:13.500000",
"db": "NVD",
"id": "CVE-2023-27357"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-01T00:00:00",
"db": "ZDI",
"id": "ZDI-23-497"
},
{
"date": "2025-05-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11215"
},
{
"date": "2025-01-06T04:22:00",
"db": "JVNDB",
"id": "JVNDB-2023-027708"
},
{
"date": "2025-01-03T17:29:55.853000",
"db": "NVD",
"id": "CVE-2023-27357"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX30\u00a0 Vulnerability related to lack of authentication for critical functions in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027708"
}
],
"trust": 0.8
}
}
VAR-202306-0613
Vulnerability from variot - Updated: 2025-06-01 22:53NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the system configuration. The system contains a hardcoded user account which can be used to access the CLI service as a low-privileged user. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-19660. of netgear RAX30 A vulnerability exists in the firmware regarding the use of hardcoded credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX30 is a dual-band wireless router from NETGEAR. No detailed vulnerability details are available
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202306-0613",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax30",
"scope": null,
"trust": 1.3,
"vendor": "netgear",
"version": null
},
{
"model": "rax30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.94"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax30 firmware 1.0.10.94"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-838"
},
{
"db": "CNVD",
"id": "CNVD-2025-11172"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027748"
},
{
"db": "NVD",
"id": "CVE-2023-34284"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dmitry \"InfoSecDJ\" Janushkevich of Trend Micro Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-838"
}
],
"trust": 0.7
},
"cve": "CVE-2023-34284",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2025-11172",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2023-34284",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2023-34284",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2023-34284",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-34284",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2023-34284",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2023-34284",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2023-34284",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2025-11172",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-838"
},
{
"db": "CNVD",
"id": "CNVD-2025-11172"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027748"
},
{
"db": "NVD",
"id": "CVE-2023-34284"
},
{
"db": "NVD",
"id": "CVE-2023-34284"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the system configuration. The system contains a hardcoded user account which can be used to access the CLI service as a low-privileged user. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-19660. of netgear RAX30 A vulnerability exists in the firmware regarding the use of hardcoded credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX30 is a dual-band wireless router from NETGEAR. No detailed vulnerability details are available",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-34284"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027748"
},
{
"db": "ZDI",
"id": "ZDI-23-838"
},
{
"db": "CNVD",
"id": "CNVD-2025-11172"
},
{
"db": "VULMON",
"id": "CVE-2023-34284"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-34284",
"trust": 4.0
},
{
"db": "ZDI",
"id": "ZDI-23-838",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027748",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-19660",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2025-11172",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-34284",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-838"
},
{
"db": "CNVD",
"id": "CNVD-2025-11172"
},
{
"db": "VULMON",
"id": "CVE-2023-34284"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027748"
},
{
"db": "NVD",
"id": "CVE-2023-34284"
}
]
},
"id": "VAR-202306-0613",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11172"
}
],
"trust": 0.93559114
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11172"
}
]
},
"last_update_date": "2025-06-01T22:53:40.457000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://kb.netgear.com/000065650/Security-Advisory-for-Multiple-Vulnerabilities-on-the-RAX30-PSV-2023-0003-PSV-2023-0004?article=000065650"
},
{
"title": "Patch for NETGEAR RAX30 Authentication Bypass Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/692181"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-838"
},
{
"db": "CNVD",
"id": "CNVD-2025-11172"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.0
},
{
"problemtype": "Use hard-coded credentials (CWE-798) [ others ]",
"trust": 0.8
},
{
"problemtype": " Use hard-coded credentials (CWE-798) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027748"
},
{
"db": "NVD",
"id": "CVE-2023-34284"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://kb.netgear.com/000065650/security-advisory-for-multiple-vulnerabilities-on-the-rax30-psv-2023-0003-psv-2023-0004?article=000065650"
},
{
"trust": 1.9,
"url": "https://www.zerodayinitiative.com/advisories/zdi-23-838/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-34284"
},
{
"trust": 0.6,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2023-34284"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-838"
},
{
"db": "CNVD",
"id": "CNVD-2025-11172"
},
{
"db": "VULMON",
"id": "CVE-2023-34284"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027748"
},
{
"db": "NVD",
"id": "CVE-2023-34284"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-838"
},
{
"db": "CNVD",
"id": "CNVD-2025-11172"
},
{
"db": "VULMON",
"id": "CVE-2023-34284"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027748"
},
{
"db": "NVD",
"id": "CVE-2023-34284"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-06-08T00:00:00",
"db": "ZDI",
"id": "ZDI-23-838"
},
{
"date": "2025-05-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11172"
},
{
"date": "2025-01-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-027748"
},
{
"date": "2024-05-03T02:15:27.993000",
"db": "NVD",
"id": "CVE-2023-34284"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-06-08T00:00:00",
"db": "ZDI",
"id": "ZDI-23-838"
},
{
"date": "2025-05-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11172"
},
{
"date": "2025-01-07T05:36:00",
"db": "JVNDB",
"id": "JVNDB-2023-027748"
},
{
"date": "2025-01-03T17:03:38.247000",
"db": "NVD",
"id": "CVE-2023-34284"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX30\u00a0 Vulnerability related to use of hardcoded credentials in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027748"
}
],
"trust": 0.8
}
}
VAR-202406-0094
Vulnerability from variot - Updated: 2025-05-30 23:30NETGEAR RAX30 fing_dil Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within fing_dil service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19843. of netgear RAX30 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX30 is a dual-band wireless router from NETGEAR
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202406-0094",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.12.100_hotfix"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax30 firmware 1.0.12.100 hotfix"
},
{
"model": "rax30",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": null,
"trust": 0.7,
"vendor": "netgear",
"version": null
},
{
"model": "rax30 \u003c1.0.12.100 hotfix",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-24-584"
},
{
"db": "CNVD",
"id": "CNVD-2025-11095"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027705"
},
{
"db": "NVD",
"id": "CVE-2023-51635"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Neodyme",
"sources": [
{
"db": "ZDI",
"id": "ZDI-24-584"
}
],
"trust": 0.7
},
"cve": "CVE-2023-51635",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CNVD-2025-11095",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2023-51635",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2023-51635",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2023-51635",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-51635",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2023-51635",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2023-51635",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2023-51635",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2025-11095",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-24-584"
},
{
"db": "CNVD",
"id": "CNVD-2025-11095"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027705"
},
{
"db": "NVD",
"id": "CVE-2023-51635"
},
{
"db": "NVD",
"id": "CVE-2023-51635"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR RAX30 fing_dil Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within fing_dil service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19843. of netgear RAX30 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX30 is a dual-band wireless router from NETGEAR",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-51635"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027705"
},
{
"db": "ZDI",
"id": "ZDI-24-584"
},
{
"db": "CNVD",
"id": "CNVD-2025-11095"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-51635",
"trust": 3.9
},
{
"db": "ZDI",
"id": "ZDI-24-584",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027705",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-19843",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2025-11095",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-24-584"
},
{
"db": "CNVD",
"id": "CNVD-2025-11095"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027705"
},
{
"db": "NVD",
"id": "CVE-2023-51635"
}
]
},
"id": "VAR-202406-0094",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11095"
}
],
"trust": 0.93559114
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11095"
}
]
},
"last_update_date": "2025-05-30T23:30:44.668000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://kb.netgear.com/000065928/Security-Advisory-for-Multiple-Vulnerabilities-on-the-RAX30-PSV-2023-0139"
},
{
"title": "Patch for NETGEAR RAX30 Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/692156"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-24-584"
},
{
"db": "CNVD",
"id": "CNVD-2025-11095"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "CWE-121",
"trust": 1.0
},
{
"problemtype": "Stack-based buffer overflow (CWE-121) [ others ]",
"trust": 0.8
},
{
"problemtype": " Out-of-bounds writing (CWE-787) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027705"
},
{
"db": "NVD",
"id": "CVE-2023-51635"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://kb.netgear.com/000065928/security-advisory-for-multiple-vulnerabilities-on-the-rax30-psv-2023-0139"
},
{
"trust": 1.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-24-584/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-51635"
},
{
"trust": 0.6,
"url": "https://kb.netgear.com/000065928/security-advisory-for-multiple-vulnerabilities-on-the-rax30-psv-2023-0139https"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-24-584"
},
{
"db": "CNVD",
"id": "CNVD-2025-11095"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027705"
},
{
"db": "NVD",
"id": "CVE-2023-51635"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-24-584"
},
{
"db": "CNVD",
"id": "CNVD-2025-11095"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027705"
},
{
"db": "NVD",
"id": "CVE-2023-51635"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-06-10T00:00:00",
"db": "ZDI",
"id": "ZDI-24-584"
},
{
"date": "2025-05-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11095"
},
{
"date": "2025-01-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-027705"
},
{
"date": "2024-11-22T20:15:06.167000",
"db": "NVD",
"id": "CVE-2023-51635"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-07-01T00:00:00",
"db": "ZDI",
"id": "ZDI-24-584"
},
{
"date": "2025-05-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11095"
},
{
"date": "2025-01-06T04:22:00",
"db": "JVNDB",
"id": "JVNDB-2023-027705"
},
{
"date": "2025-01-03T16:40:28",
"db": "NVD",
"id": "CVE-2023-51635"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX30\u00a0 Out-of-bounds write vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027705"
}
],
"trust": 0.8
}
}
VAR-202303-0775
Vulnerability from variot - Updated: 2025-03-01 23:05NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sharing mechanism that allows users with access to this feature to access arbitrary files on the device. of netgear RAX30 There are unspecified vulnerabilities in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202303-0775",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.94"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax30 firmware 1.0.10.94"
},
{
"model": "rax30",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-005145"
},
{
"db": "NVD",
"id": "CVE-2023-27850"
}
]
},
"cve": "CVE-2023-27850",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2023-27850",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-27850",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2023-27850",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2023-27850",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202303-822",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-005145"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-822"
},
{
"db": "NVD",
"id": "CVE-2023-27850"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sharing mechanism that allows users with access to this feature to access arbitrary files on the device. of netgear RAX30 There are unspecified vulnerabilities in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-27850"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005145"
},
{
"db": "VULMON",
"id": "CVE-2023-27850"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-27850",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005145",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202303-822",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-27850",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-27850"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005145"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-822"
},
{
"db": "NVD",
"id": "CVE-2023-27850"
}
]
},
"id": "VAR-202303-0775",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.33559114
},
"last_update_date": "2025-03-01T23:05:01.697000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR Nighthawk Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=229324"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202303-822"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-59",
"trust": 1.0
},
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-005145"
},
{
"db": "NVD",
"id": "CVE-2023-27850"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://tenable.com/security/research/tra-2023-9"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-27850"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-27850/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-27850"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005145"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-822"
},
{
"db": "NVD",
"id": "CVE-2023-27850"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2023-27850"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005145"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-822"
},
{
"db": "NVD",
"id": "CVE-2023-27850"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-03-10T00:00:00",
"db": "VULMON",
"id": "CVE-2023-27850"
},
{
"date": "2023-11-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-005145"
},
{
"date": "2023-03-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202303-822"
},
{
"date": "2023-03-10T18:15:16.900000",
"db": "NVD",
"id": "CVE-2023-27850"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-03-10T00:00:00",
"db": "VULMON",
"id": "CVE-2023-27850"
},
{
"date": "2023-11-07T02:38:00",
"db": "JVNDB",
"id": "JVNDB-2023-005145"
},
{
"date": "2023-03-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202303-822"
},
{
"date": "2025-02-28T17:15:15.147000",
"db": "NVD",
"id": "CVE-2023-27850"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX30\u00a0 Firmware vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-005145"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202303-822"
}
],
"trust": 0.6
}
}
VAR-202305-0156
Vulnerability from variot - Updated: 2025-01-11 23:05NETGEAR RAX30 SOAP Request SQL Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of specific SOAP requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the service account. Was ZDI-CAN-19754. RAX30 firmware, RAXE300 firmware, RAX40 For multiple Netgear products such as firmware, SQL There is an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX30 is a dual-band wireless router from NETGEAR
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202305-0156",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax30",
"scope": null,
"trust": 1.3,
"vendor": "netgear",
"version": null
},
{
"model": "rax40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.94"
},
{
"model": "rax38",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.94"
},
{
"model": "rax30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.94"
},
{
"model": "raxe300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.94"
},
{
"model": "rax35",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.94"
},
{
"model": "rax35",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax38",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "raxe300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax40",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-502"
},
{
"db": "CNVD",
"id": "CNVD-2024-33671"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027804"
},
{
"db": "NVD",
"id": "CVE-2023-27358"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Interrupt Labs",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-502"
}
],
"trust": 0.7
},
"cve": "CVE-2023-27358",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CNVD-2024-33671",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2023-27358",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2023-27358",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2023-27358",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-27358",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2023-27358",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2023-27358",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2023-27358",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2024-33671",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-502"
},
{
"db": "CNVD",
"id": "CNVD-2024-33671"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027804"
},
{
"db": "NVD",
"id": "CVE-2023-27358"
},
{
"db": "NVD",
"id": "CVE-2023-27358"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR RAX30 SOAP Request SQL Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the handling of specific SOAP requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the service account. Was ZDI-CAN-19754. RAX30 firmware, RAXE300 firmware, RAX40 For multiple Netgear products such as firmware, SQL There is an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX30 is a dual-band wireless router from NETGEAR",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-27358"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027804"
},
{
"db": "ZDI",
"id": "ZDI-23-502"
},
{
"db": "CNVD",
"id": "CNVD-2024-33671"
},
{
"db": "VULMON",
"id": "CVE-2023-27358"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-27358",
"trust": 4.0
},
{
"db": "ZDI",
"id": "ZDI-23-502",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027804",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-19754",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2024-33671",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-27358",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-502"
},
{
"db": "CNVD",
"id": "CNVD-2024-33671"
},
{
"db": "VULMON",
"id": "CVE-2023-27358"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027804"
},
{
"db": "NVD",
"id": "CVE-2023-27358"
}
]
},
"id": "VAR-202305-0156",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-33671"
}
],
"trust": 0.8276160566666666
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-33671"
}
]
},
"last_update_date": "2025-01-11T23:05:16.788000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://kb.netgear.com/000065617/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-PSV-2022-0349"
},
{
"title": "Patch for NETGEAR RAX30 Remote Code Execution Vulnerability (CNVD-2024-33671)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/567916"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-502"
},
{
"db": "CNVD",
"id": "CNVD-2024-33671"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-89",
"trust": 1.0
},
{
"problemtype": "SQL injection (CWE-89) [ others ]",
"trust": 0.8
},
{
"problemtype": "SQL injection (CWE-89) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027804"
},
{
"db": "NVD",
"id": "CVE-2023-27358"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://kb.netgear.com/000065617/security-advisory-for-authentication-bypass-on-some-routers-psv-2022-0349"
},
{
"trust": 1.9,
"url": "https://www.zerodayinitiative.com/advisories/zdi-23-502/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-27358"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2023-27358"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-502"
},
{
"db": "CNVD",
"id": "CNVD-2024-33671"
},
{
"db": "VULMON",
"id": "CVE-2023-27358"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027804"
},
{
"db": "NVD",
"id": "CVE-2023-27358"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-502"
},
{
"db": "CNVD",
"id": "CNVD-2024-33671"
},
{
"db": "VULMON",
"id": "CVE-2023-27358"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027804"
},
{
"db": "NVD",
"id": "CVE-2023-27358"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-01T00:00:00",
"db": "ZDI",
"id": "ZDI-23-502"
},
{
"date": "2024-07-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-33671"
},
{
"date": "2025-01-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-027804"
},
{
"date": "2024-05-03T02:15:13.673000",
"db": "NVD",
"id": "CVE-2023-27358"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-01T00:00:00",
"db": "ZDI",
"id": "ZDI-23-502"
},
{
"date": "2024-07-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-33671"
},
{
"date": "2025-01-10T02:19:00",
"db": "JVNDB",
"id": "JVNDB-2023-027804"
},
{
"date": "2025-01-09T15:37:04.203000",
"db": "NVD",
"id": "CVE-2023-27358"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "in multiple NETGEAR products. \u00a0SQL\u00a0 Injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027804"
}
],
"trust": 0.8
}
}
VAR-202305-0220
Vulnerability from variot - Updated: 2025-01-09 23:16NETGEAR RAX30 logCtrl Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the logCtrl action. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19825. of netgear RAX30 firmware and RAXE300 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX30 is a dual-band wireless router from NETGEAR
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202305-0220",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax30",
"scope": null,
"trust": 1.3,
"vendor": "netgear",
"version": null
},
{
"model": "raxe300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.94"
},
{
"model": "rax30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.94"
},
{
"model": "rax30",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "raxe300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-503"
},
{
"db": "CNVD",
"id": "CNVD-2024-33670"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027778"
},
{
"db": "NVD",
"id": "CVE-2023-27356"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Interrupt Labs",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-503"
}
],
"trust": 0.7
},
"cve": "CVE-2023-27356",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "MULTIPLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.1,
"id": "CNVD-2024-33670",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:M/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2023-27356",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2023-27356",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.0,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-27356",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2023-27356",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-27356",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2023-27356",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2023-27356",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2023-27356",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2024-33670",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-503"
},
{
"db": "CNVD",
"id": "CNVD-2024-33670"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027778"
},
{
"db": "NVD",
"id": "CVE-2023-27356"
},
{
"db": "NVD",
"id": "CVE-2023-27356"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR RAX30 logCtrl Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. \n\nThe specific flaw exists within the logCtrl action. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19825. of netgear RAX30 firmware and RAXE300 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX30 is a dual-band wireless router from NETGEAR",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-27356"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027778"
},
{
"db": "ZDI",
"id": "ZDI-23-503"
},
{
"db": "CNVD",
"id": "CNVD-2024-33670"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-27356",
"trust": 3.9
},
{
"db": "ZDI",
"id": "ZDI-23-503",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027778",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-19825",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2024-33670",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-503"
},
{
"db": "CNVD",
"id": "CNVD-2024-33670"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027778"
},
{
"db": "NVD",
"id": "CVE-2023-27356"
}
]
},
"id": "VAR-202305-0220",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-33670"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-33670"
}
]
},
"last_update_date": "2025-01-09T23:16:27.131000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://kb.netgear.com/000065618/Security-Advisory-for-Post-authentication-Command-Injection-on-Some-Routers-PSV-2022-0350"
},
{
"title": "Patch for NETGEAR RAX30 Remote Code Execution Vulnerability (CNVD-2024-33670)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/567921"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-503"
},
{
"db": "CNVD",
"id": "CNVD-2024-33670"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": "OS Command injection (CWE-78) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027778"
},
{
"db": "NVD",
"id": "CVE-2023-27356"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://kb.netgear.com/000065618/security-advisory-for-post-authentication-command-injection-on-some-routers-psv-2022-0350"
},
{
"trust": 1.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-23-503/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-27356"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2023-27356"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-503"
},
{
"db": "CNVD",
"id": "CNVD-2024-33670"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027778"
},
{
"db": "NVD",
"id": "CVE-2023-27356"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-503"
},
{
"db": "CNVD",
"id": "CNVD-2024-33670"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027778"
},
{
"db": "NVD",
"id": "CVE-2023-27356"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-01T00:00:00",
"db": "ZDI",
"id": "ZDI-23-503"
},
{
"date": "2024-07-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-33670"
},
{
"date": "2025-01-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-027778"
},
{
"date": "2024-05-03T02:15:13.320000",
"db": "NVD",
"id": "CVE-2023-27356"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-01T00:00:00",
"db": "ZDI",
"id": "ZDI-23-503"
},
{
"date": "2024-07-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-33670"
},
{
"date": "2025-01-07T08:58:00",
"db": "JVNDB",
"id": "JVNDB-2023-027778"
},
{
"date": "2025-01-03T17:15:37.810000",
"db": "NVD",
"id": "CVE-2023-27356"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX30\u00a0 firmware and \u00a0RAXE300\u00a0 in the firmware \u00a0OS\u00a0 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027778"
}
],
"trust": 0.8
}
}
VAR-202305-0201
Vulnerability from variot - Updated: 2025-01-08 23:11NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the soap_serverd binary. When parsing the request headers, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-19840. of netgear RAX30 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX30 is a dual-band wireless router from NETGEAR
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202305-0201",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax30",
"scope": null,
"trust": 1.3,
"vendor": "netgear",
"version": null
},
{
"model": "rax30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.94"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax30 firmware 1.0.10.94"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-500"
},
{
"db": "CNVD",
"id": "CNVD-2024-33664"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027751"
},
{
"db": "NVD",
"id": "CVE-2023-27369"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Claroty Research - Vera Mens, Noam Moshe, Uri Katz, Sharon Brizinov",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-500"
}
],
"trust": 0.7
},
"cve": "CVE-2023-27369",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2024-33664",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2023-27369",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2023-27369",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2023-27369",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-27369",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2023-27369",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2023-27369",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2023-27369",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2024-33664",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-500"
},
{
"db": "CNVD",
"id": "CNVD-2024-33664"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027751"
},
{
"db": "NVD",
"id": "CVE-2023-27369"
},
{
"db": "NVD",
"id": "CVE-2023-27369"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the soap_serverd binary. When parsing the request headers, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-19840. of netgear RAX30 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX30 is a dual-band wireless router from NETGEAR",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-27369"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027751"
},
{
"db": "ZDI",
"id": "ZDI-23-500"
},
{
"db": "CNVD",
"id": "CNVD-2024-33664"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-27369",
"trust": 3.9
},
{
"db": "ZDI",
"id": "ZDI-23-500",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027751",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-19840",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2024-33664",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-500"
},
{
"db": "CNVD",
"id": "CNVD-2024-33664"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027751"
},
{
"db": "NVD",
"id": "CVE-2023-27369"
}
]
},
"id": "VAR-202305-0201",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-33664"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-33664"
}
]
},
"last_update_date": "2025-01-08T23:11:08.553000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://kb.netgear.com/000065619/Security-Advisory-for-Multiple-Vulnerabilities-on-the-RAX30-PSV-2022-0348"
},
{
"title": "Patch for NETGEAR RAX30 Stack Buffer Overflow Vulnerability (CNVD-2024-33664)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/574166"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-500"
},
{
"db": "CNVD",
"id": "CNVD-2024-33664"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "CWE-121",
"trust": 1.0
},
{
"problemtype": "Stack-based buffer overflow (CWE-121) [ others ]",
"trust": 0.8
},
{
"problemtype": " Out-of-bounds writing (CWE-787) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027751"
},
{
"db": "NVD",
"id": "CVE-2023-27369"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://kb.netgear.com/000065619/security-advisory-for-multiple-vulnerabilities-on-the-rax30-psv-2022-0348"
},
{
"trust": 1.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-23-500/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-27369"
},
{
"trust": 0.6,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2023-27369"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-500"
},
{
"db": "CNVD",
"id": "CNVD-2024-33664"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027751"
},
{
"db": "NVD",
"id": "CVE-2023-27369"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-500"
},
{
"db": "CNVD",
"id": "CNVD-2024-33664"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027751"
},
{
"db": "NVD",
"id": "CVE-2023-27369"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-01T00:00:00",
"db": "ZDI",
"id": "ZDI-23-500"
},
{
"date": "2024-07-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-33664"
},
{
"date": "2025-01-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-027751"
},
{
"date": "2024-05-03T02:15:15.587000",
"db": "NVD",
"id": "CVE-2023-27369"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-01T00:00:00",
"db": "ZDI",
"id": "ZDI-23-500"
},
{
"date": "2024-07-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-33664"
},
{
"date": "2025-01-07T05:37:00",
"db": "JVNDB",
"id": "JVNDB-2023-027751"
},
{
"date": "2025-01-03T17:00:18.243000",
"db": "NVD",
"id": "CVE-2023-27369"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX30\u00a0 Out-of-bounds write vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027751"
}
],
"trust": 0.8
}
}
VAR-202305-0179
Vulnerability from variot - Updated: 2025-01-08 23:09NETGEAR RAX30 rex_cgi JSON Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is required to exploit this vulnerability.
The specific flaw exists within the handling of JSON data. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19355. of netgear RAX30 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX30 is a dual-band wireless router from NETGEAR
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202305-0179",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax30",
"scope": null,
"trust": 1.3,
"vendor": "netgear",
"version": null
},
{
"model": "rax30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.9.92"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax30 firmware 1.0.9.92"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-495"
},
{
"db": "CNVD",
"id": "CNVD-2024-33673"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027734"
},
{
"db": "NVD",
"id": "CVE-2023-27361"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Rocco Calvi (@TecR0c) and Steven Seeley of Incite Team",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-495"
}
],
"trust": 0.7
},
"cve": "CVE-2023-27361",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "MULTIPLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.1,
"id": "CNVD-2024-33673",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:M/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2023-27361",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2023-27361",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.0,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-27361",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2023-27361",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-27361",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2023-27361",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2023-27361",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2023-27361",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2024-33673",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-495"
},
{
"db": "CNVD",
"id": "CNVD-2024-33673"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027734"
},
{
"db": "NVD",
"id": "CVE-2023-27361"
},
{
"db": "NVD",
"id": "CVE-2023-27361"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR RAX30 rex_cgi JSON Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is required to exploit this vulnerability. \n\nThe specific flaw exists within the handling of JSON data. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19355. of netgear RAX30 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX30 is a dual-band wireless router from NETGEAR",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-27361"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027734"
},
{
"db": "ZDI",
"id": "ZDI-23-495"
},
{
"db": "CNVD",
"id": "CNVD-2024-33673"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-27361",
"trust": 3.9
},
{
"db": "ZDI",
"id": "ZDI-23-495",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027734",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-19355",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2024-33673",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-495"
},
{
"db": "CNVD",
"id": "CNVD-2024-33673"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027734"
},
{
"db": "NVD",
"id": "CVE-2023-27361"
}
]
},
"id": "VAR-202305-0179",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-33673"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-33673"
}
]
},
"last_update_date": "2025-01-08T23:09:43.339000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://kb.netgear.com/000065625/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-the-RAX30-PSV-2022-0302"
},
{
"title": "Patch for NETGEAR RAX30 Stack Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/567911"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-495"
},
{
"db": "CNVD",
"id": "CNVD-2024-33673"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "CWE-121",
"trust": 1.0
},
{
"problemtype": "Stack-based buffer overflow (CWE-121) [ others ]",
"trust": 0.8
},
{
"problemtype": " Out-of-bounds writing (CWE-787) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027734"
},
{
"db": "NVD",
"id": "CVE-2023-27361"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://kb.netgear.com/000065625/security-advisory-for-post-authentication-buffer-overflow-on-the-rax30-psv-2022-0302"
},
{
"trust": 1.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-23-495/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-27361"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2023-27361"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-495"
},
{
"db": "CNVD",
"id": "CNVD-2024-33673"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027734"
},
{
"db": "NVD",
"id": "CVE-2023-27361"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-495"
},
{
"db": "CNVD",
"id": "CNVD-2024-33673"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027734"
},
{
"db": "NVD",
"id": "CVE-2023-27361"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-01T00:00:00",
"db": "ZDI",
"id": "ZDI-23-495"
},
{
"date": "2024-07-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-33673"
},
{
"date": "2025-01-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-027734"
},
{
"date": "2024-05-03T02:15:14.187000",
"db": "NVD",
"id": "CVE-2023-27361"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-01T00:00:00",
"db": "ZDI",
"id": "ZDI-23-495"
},
{
"date": "2024-07-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-33673"
},
{
"date": "2025-01-06T09:06:00",
"db": "JVNDB",
"id": "JVNDB-2023-027734"
},
{
"date": "2025-01-03T17:33:32.360000",
"db": "NVD",
"id": "CVE-2023-27361"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX30\u00a0 Out-of-bounds write vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027734"
}
],
"trust": 0.8
}
}
VAR-202308-3024
Vulnerability from variot - Updated: 2025-01-08 22:53NETGEAR RAX30 Telnet CLI passwd Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the telnet CLI service, which listens on TCP port 23. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20009. of netgear RAX30 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX30 is a dual-band wireless router from NETGEAR
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202308-3024",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax30",
"scope": null,
"trust": 1.3,
"vendor": "netgear",
"version": null
},
{
"model": "rax30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.94"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax30 firmware 1.0.10.94"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1163"
},
{
"db": "CNVD",
"id": "CNVD-2024-33904"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027736"
},
{
"db": "NVD",
"id": "CVE-2023-40478"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dmitry \"InfoSecDJ\" Janushkevich of Trend Micro Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1163"
}
],
"trust": 0.7
},
"cve": "CVE-2023-40478",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 5.1,
"id": "CNVD-2024-33904",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2023-40478",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2023-40478",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-40478",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2023-40478",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-40478",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2023-40478",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2023-40478",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2023-40478",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2024-33904",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1163"
},
{
"db": "CNVD",
"id": "CNVD-2024-33904"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027736"
},
{
"db": "NVD",
"id": "CVE-2023-40478"
},
{
"db": "NVD",
"id": "CVE-2023-40478"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR RAX30 Telnet CLI passwd Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. \n\nThe specific flaw exists within the telnet CLI service, which listens on TCP port 23. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20009. of netgear RAX30 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX30 is a dual-band wireless router from NETGEAR",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-40478"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027736"
},
{
"db": "ZDI",
"id": "ZDI-23-1163"
},
{
"db": "CNVD",
"id": "CNVD-2024-33904"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-40478",
"trust": 3.9
},
{
"db": "ZDI",
"id": "ZDI-23-1163",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027736",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-20009",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2024-33904",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1163"
},
{
"db": "CNVD",
"id": "CNVD-2024-33904"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027736"
},
{
"db": "NVD",
"id": "CVE-2023-40478"
}
]
},
"id": "VAR-202308-3024",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-33904"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-33904"
}
]
},
"last_update_date": "2025-01-08T22:53:48.945000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://kb.netgear.com/000065649/Security-Advisory-for-Post-authentication-Buffer-Overflow-on-the-RAX30-PSV-2023-0002"
},
{
"title": "Patch for NETGEAR RAX30 Stack Buffer Overflow Vulnerability (CNVD-2024-33904)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/574136"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1163"
},
{
"db": "CNVD",
"id": "CNVD-2024-33904"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "CWE-121",
"trust": 1.0
},
{
"problemtype": "Stack-based buffer overflow (CWE-121) [ others ]",
"trust": 0.8
},
{
"problemtype": " Out-of-bounds writing (CWE-787) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027736"
},
{
"db": "NVD",
"id": "CVE-2023-40478"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://kb.netgear.com/000065649/security-advisory-for-post-authentication-buffer-overflow-on-the-rax30-psv-2023-0002"
},
{
"trust": 1.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-23-1163/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-40478"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2023-40478"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1163"
},
{
"db": "CNVD",
"id": "CNVD-2024-33904"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027736"
},
{
"db": "NVD",
"id": "CVE-2023-40478"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-1163"
},
{
"db": "CNVD",
"id": "CNVD-2024-33904"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027736"
},
{
"db": "NVD",
"id": "CVE-2023-40478"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-22T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1163"
},
{
"date": "2024-07-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-33904"
},
{
"date": "2025-01-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-027736"
},
{
"date": "2024-05-03T03:15:20.650000",
"db": "NVD",
"id": "CVE-2023-40478"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-22T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1163"
},
{
"date": "2024-07-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-33904"
},
{
"date": "2025-01-06T09:07:00",
"db": "JVNDB",
"id": "JVNDB-2023-027736"
},
{
"date": "2025-01-03T16:34:16.067000",
"db": "NVD",
"id": "CVE-2023-40478"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX30\u00a0 Out-of-bounds write vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027736"
}
],
"trust": 0.8
}
}
VAR-202308-3108
Vulnerability from variot - Updated: 2025-01-08 22:53NETGEAR RAX30 DHCP Server Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the DHCP server. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19705. (DoS) It may be in a state. NETGEAR RAX30 is a dual-band wireless router from NETGEAR. No detailed vulnerability details are provided at present
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202308-3108",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax30",
"scope": null,
"trust": 1.3,
"vendor": "netgear",
"version": null
},
{
"model": "rax30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.9.92"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax30 firmware 1.0.9.92"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1162"
},
{
"db": "CNVD",
"id": "CNVD-2024-35178"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027729"
},
{
"db": "NVD",
"id": "CVE-2023-40480"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Kevin Wang",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1162"
}
],
"trust": 0.7
},
"cve": "CVE-2023-40480",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CNVD-2024-35178",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2023-40480",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2023-40480",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2023-40480",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-40480",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2023-40480",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2023-40480",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2023-40480",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2024-35178",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1162"
},
{
"db": "CNVD",
"id": "CNVD-2024-35178"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027729"
},
{
"db": "NVD",
"id": "CVE-2023-40480"
},
{
"db": "NVD",
"id": "CVE-2023-40480"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR RAX30 DHCP Server Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the DHCP server. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19705. (DoS) It may be in a state. NETGEAR RAX30 is a dual-band wireless router from NETGEAR. No detailed vulnerability details are provided at present",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-40480"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027729"
},
{
"db": "ZDI",
"id": "ZDI-23-1162"
},
{
"db": "CNVD",
"id": "CNVD-2024-35178"
},
{
"db": "VULMON",
"id": "CVE-2023-40480"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-40480",
"trust": 4.0
},
{
"db": "ZDI",
"id": "ZDI-23-1162",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027729",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-19705",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2024-35178",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-40480",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1162"
},
{
"db": "CNVD",
"id": "CNVD-2024-35178"
},
{
"db": "VULMON",
"id": "CVE-2023-40480"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027729"
},
{
"db": "NVD",
"id": "CVE-2023-40480"
}
]
},
"id": "VAR-202308-3108",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-35178"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-35178"
}
]
},
"last_update_date": "2025-01-08T22:53:48.907000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://kb.netgear.com/000065645/Security-Advisory-for-Multiple-Vulnerabilities-on-the-RAX30-PSV-2022-0360-PSV-2022-0361"
},
{
"title": "Patch for NETGEAR RAX30 Command Injection Vulnerability (CNVD-2024-35178)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/575406"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1162"
},
{
"db": "CNVD",
"id": "CNVD-2024-35178"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": "OS Command injection (CWE-78) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027729"
},
{
"db": "NVD",
"id": "CVE-2023-40480"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://kb.netgear.com/000065645/security-advisory-for-multiple-vulnerabilities-on-the-rax30-psv-2022-0360-psv-2022-0361"
},
{
"trust": 1.9,
"url": "https://www.zerodayinitiative.com/advisories/zdi-23-1162/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-40480"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2023-40480"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1162"
},
{
"db": "CNVD",
"id": "CNVD-2024-35178"
},
{
"db": "VULMON",
"id": "CVE-2023-40480"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027729"
},
{
"db": "NVD",
"id": "CVE-2023-40480"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-1162"
},
{
"db": "CNVD",
"id": "CNVD-2024-35178"
},
{
"db": "VULMON",
"id": "CVE-2023-40480"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027729"
},
{
"db": "NVD",
"id": "CVE-2023-40480"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-22T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1162"
},
{
"date": "2024-08-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-35178"
},
{
"date": "2025-01-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-027729"
},
{
"date": "2024-05-03T03:15:20.987000",
"db": "NVD",
"id": "CVE-2023-40480"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-22T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1162"
},
{
"date": "2024-08-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-35178"
},
{
"date": "2025-01-06T09:04:00",
"db": "JVNDB",
"id": "JVNDB-2023-027729"
},
{
"date": "2025-01-03T16:36:16.097000",
"db": "NVD",
"id": "CVE-2023-40480"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX30\u00a0 in the firmware \u00a0OS\u00a0 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027729"
}
],
"trust": 0.8
}
}
VAR-202305-0252
Vulnerability from variot - Updated: 2025-01-07 23:31NETGEAR RAX30 Device Configuration Cleartext Storage Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR RAX30 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the handling of device configuration. The issue results from the storage of configuration secrets in plaintext. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-19841. NETGEAR RAX30 is a dual-band wireless router from NETGEAR
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202305-0252",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax30",
"scope": null,
"trust": 1.3,
"vendor": "netgear",
"version": null
},
{
"model": "rax30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.94"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax30 firmware 1.0.10.94"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-501"
},
{
"db": "CNVD",
"id": "CNVD-2024-33909"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027714"
},
{
"db": "NVD",
"id": "CVE-2023-27370"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Claroty Research - Vera Mens, Noam Moshe, Uri Katz, Sharon Brizinov",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-501"
}
],
"trust": 0.7
},
"cve": "CVE-2023-27370",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 5.1,
"id": "CNVD-2024-33909",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2023-27370",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2023-27370",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2023-27370",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-27370",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2023-27370",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2023-27370",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2023-27370",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2024-33909",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-501"
},
{
"db": "CNVD",
"id": "CNVD-2024-33909"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027714"
},
{
"db": "NVD",
"id": "CVE-2023-27370"
},
{
"db": "NVD",
"id": "CVE-2023-27370"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR RAX30 Device Configuration Cleartext Storage Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR RAX30 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. \n\nThe specific flaw exists within the handling of device configuration. The issue results from the storage of configuration secrets in plaintext. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-19841. NETGEAR RAX30 is a dual-band wireless router from NETGEAR",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-27370"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027714"
},
{
"db": "ZDI",
"id": "ZDI-23-501"
},
{
"db": "CNVD",
"id": "CNVD-2024-33909"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-27370",
"trust": 3.9
},
{
"db": "ZDI",
"id": "ZDI-23-501",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027714",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-19841",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2024-33909",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-501"
},
{
"db": "CNVD",
"id": "CNVD-2024-33909"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027714"
},
{
"db": "NVD",
"id": "CVE-2023-27370"
}
]
},
"id": "VAR-202305-0252",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-33909"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-33909"
}
]
},
"last_update_date": "2025-01-07T23:31:26.377000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://kb.netgear.com/000065619/Security-Advisory-for-Multiple-Vulnerabilities-on-the-RAX30-PSV-2022-0348"
},
{
"title": "Patch for NETGEAR RAX30 Information Disclosure Vulnerability (CNVD-2024-33909)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/574386"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-501"
},
{
"db": "CNVD",
"id": "CNVD-2024-33909"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-312",
"trust": 1.0
},
{
"problemtype": "Plaintext storage of important information (CWE-312) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": " Plaintext storage of important information (CWE-312) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027714"
},
{
"db": "NVD",
"id": "CVE-2023-27370"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://kb.netgear.com/000065619/security-advisory-for-multiple-vulnerabilities-on-the-rax30-psv-2022-0348"
},
{
"trust": 1.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-23-501/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-27370"
},
{
"trust": 0.6,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2023-27370"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-501"
},
{
"db": "CNVD",
"id": "CNVD-2024-33909"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027714"
},
{
"db": "NVD",
"id": "CVE-2023-27370"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-501"
},
{
"db": "CNVD",
"id": "CNVD-2024-33909"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027714"
},
{
"db": "NVD",
"id": "CVE-2023-27370"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-01T00:00:00",
"db": "ZDI",
"id": "ZDI-23-501"
},
{
"date": "2024-07-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-33909"
},
{
"date": "2025-01-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-027714"
},
{
"date": "2024-05-03T02:15:15.763000",
"db": "NVD",
"id": "CVE-2023-27370"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-01T00:00:00",
"db": "ZDI",
"id": "ZDI-23-501"
},
{
"date": "2024-07-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-33909"
},
{
"date": "2025-01-06T06:19:00",
"db": "JVNDB",
"id": "JVNDB-2023-027714"
},
{
"date": "2025-01-03T17:01:01.870000",
"db": "NVD",
"id": "CVE-2023-27370"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX30\u00a0 Vulnerability related to plaintext storage of important information in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027714"
}
],
"trust": 0.8
}
}
VAR-202306-0542
Vulnerability from variot - Updated: 2025-01-07 23:26NETGEAR RAX30 cmsCli_authenticate Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within a shared library used by the telnetd service, which listens on TCP port 23 by default. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19918. of netgear RAX30 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX30 is a dual-band wireless router from NETGEAR
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202306-0542",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax30",
"scope": null,
"trust": 1.3,
"vendor": "netgear",
"version": null
},
{
"model": "rax30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.11.96_2_hotfix"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax30 firmware 1.0.11.96 2 hotfix"
},
{
"model": "rax30",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-839"
},
{
"db": "CNVD",
"id": "CNVD-2024-33665"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027713"
},
{
"db": "NVD",
"id": "CVE-2023-34285"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stefan Schiller (Sonar)",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-839"
}
],
"trust": 0.7
},
"cve": "CVE-2023-34285",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CNVD-2024-33665",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2023-34285",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2023-34285",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2023-34285",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-34285",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2023-34285",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2023-34285",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2023-34285",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2024-33665",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-839"
},
{
"db": "CNVD",
"id": "CNVD-2024-33665"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027713"
},
{
"db": "NVD",
"id": "CVE-2023-34285"
},
{
"db": "NVD",
"id": "CVE-2023-34285"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR RAX30 cmsCli_authenticate Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within a shared library used by the telnetd service, which listens on TCP port 23 by default. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19918. of netgear RAX30 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX30 is a dual-band wireless router from NETGEAR",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-34285"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027713"
},
{
"db": "ZDI",
"id": "ZDI-23-839"
},
{
"db": "CNVD",
"id": "CNVD-2024-33665"
},
{
"db": "VULMON",
"id": "CVE-2023-34285"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-34285",
"trust": 4.0
},
{
"db": "ZDI",
"id": "ZDI-23-839",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027713",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-19918",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2024-33665",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-34285",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-839"
},
{
"db": "CNVD",
"id": "CNVD-2024-33665"
},
{
"db": "VULMON",
"id": "CVE-2023-34285"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027713"
},
{
"db": "NVD",
"id": "CVE-2023-34285"
}
]
},
"id": "VAR-202306-0542",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-33665"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-33665"
}
]
},
"last_update_date": "2025-01-07T23:26:25.026000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://kb.netgear.com/000065696/RAX30-Firmware-Version-1-0-11-96-Hot-Fix"
},
{
"title": "Patch for NETGEAR RAX30 Stack Buffer Overflow Vulnerability (CNVD-2024-33665)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/574171"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-839"
},
{
"db": "CNVD",
"id": "CNVD-2024-33665"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "CWE-121",
"trust": 1.0
},
{
"problemtype": "Stack-based buffer overflow (CWE-121) [ others ]",
"trust": 0.8
},
{
"problemtype": " Out-of-bounds writing (CWE-787) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027713"
},
{
"db": "NVD",
"id": "CVE-2023-34285"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://kb.netgear.com/000065696/rax30-firmware-version-1-0-11-96-hot-fix"
},
{
"trust": 1.9,
"url": "https://www.zerodayinitiative.com/advisories/zdi-23-839/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-34285"
},
{
"trust": 0.6,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2023-34285"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-839"
},
{
"db": "CNVD",
"id": "CNVD-2024-33665"
},
{
"db": "VULMON",
"id": "CVE-2023-34285"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027713"
},
{
"db": "NVD",
"id": "CVE-2023-34285"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-839"
},
{
"db": "CNVD",
"id": "CNVD-2024-33665"
},
{
"db": "VULMON",
"id": "CVE-2023-34285"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027713"
},
{
"db": "NVD",
"id": "CVE-2023-34285"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-06-08T00:00:00",
"db": "ZDI",
"id": "ZDI-23-839"
},
{
"date": "2024-07-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-33665"
},
{
"date": "2025-01-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-027713"
},
{
"date": "2024-05-03T02:15:28.173000",
"db": "NVD",
"id": "CVE-2023-34285"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-06-08T00:00:00",
"db": "ZDI",
"id": "ZDI-23-839"
},
{
"date": "2024-07-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-33665"
},
{
"date": "2025-01-06T06:19:00",
"db": "JVNDB",
"id": "JVNDB-2023-027713"
},
{
"date": "2025-01-03T17:04:04.607000",
"db": "NVD",
"id": "CVE-2023-34285"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX30\u00a0 Out-of-bounds write vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027713"
}
],
"trust": 0.8
}
}
VAR-202305-0178
Vulnerability from variot - Updated: 2025-01-07 23:23NETGEAR RAX30 lighttpd Misconfiguration Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the configuration of the lighttpd HTTP server. The issue results from allowing execution of files from untrusted sources. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19398. of netgear RAX30 The firmware contains a vulnerability related to violation of the same origin policy.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX30 is a dual-band wireless router from NETGEAR
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202305-0178",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax30",
"scope": null,
"trust": 1.3,
"vendor": "netgear",
"version": null
},
{
"model": "rax30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.94"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax30 firmware 1.0.10.94"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-496"
},
{
"db": "CNVD",
"id": "CNVD-2024-33672"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027707"
},
{
"db": "NVD",
"id": "CVE-2023-27360"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Rocco Calvi and Steven Seeley of Incite Team",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-496"
}
],
"trust": 0.7
},
"cve": "CVE-2023-27360",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.2,
"id": "CNVD-2024-33672",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"id": "CVE-2023-27360",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2023-27360",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-27360",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"id": "CVE-2023-27360",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-27360",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2023-27360",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2023-27360",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2023-27360",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2024-33672",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-496"
},
{
"db": "CNVD",
"id": "CNVD-2024-33672"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027707"
},
{
"db": "NVD",
"id": "CVE-2023-27360"
},
{
"db": "NVD",
"id": "CVE-2023-27360"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR RAX30 lighttpd Misconfiguration Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the configuration of the lighttpd HTTP server. The issue results from allowing execution of files from untrusted sources. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19398. of netgear RAX30 The firmware contains a vulnerability related to violation of the same origin policy.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX30 is a dual-band wireless router from NETGEAR",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-27360"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027707"
},
{
"db": "ZDI",
"id": "ZDI-23-496"
},
{
"db": "CNVD",
"id": "CNVD-2024-33672"
},
{
"db": "VULMON",
"id": "CVE-2023-27360"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-27360",
"trust": 4.0
},
{
"db": "ZDI",
"id": "ZDI-23-496",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027707",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-19398",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2024-33672",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-27360",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-496"
},
{
"db": "CNVD",
"id": "CNVD-2024-33672"
},
{
"db": "VULMON",
"id": "CVE-2023-27360"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027707"
},
{
"db": "NVD",
"id": "CVE-2023-27360"
}
]
},
"id": "VAR-202305-0178",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-33672"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-33672"
}
]
},
"last_update_date": "2025-01-07T23:23:16.501000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://kb.netgear.com/000065559/Security-Advisory-for-Multiple-Vulnerabilities-on-the-RAX30-PSV-2022-0352"
},
{
"title": "Patch for NETGEAR RAX30 Remote Code Execution Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/567906"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-496"
},
{
"db": "CNVD",
"id": "CNVD-2024-33672"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-345",
"trust": 1.0
},
{
"problemtype": "CWE-346",
"trust": 1.0
},
{
"problemtype": "Inadequate verification of data reliability (CWE-345) [ others ]",
"trust": 0.8
},
{
"problemtype": " Same-origin policy violation (CWE-346) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027707"
},
{
"db": "NVD",
"id": "CVE-2023-27360"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://kb.netgear.com/000065559/security-advisory-for-multiple-vulnerabilities-on-the-rax30-psv-2022-0352"
},
{
"trust": 1.9,
"url": "https://www.zerodayinitiative.com/advisories/zdi-23-496/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-27360"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2023-27360"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-496"
},
{
"db": "CNVD",
"id": "CNVD-2024-33672"
},
{
"db": "VULMON",
"id": "CVE-2023-27360"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027707"
},
{
"db": "NVD",
"id": "CVE-2023-27360"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-496"
},
{
"db": "CNVD",
"id": "CNVD-2024-33672"
},
{
"db": "VULMON",
"id": "CVE-2023-27360"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027707"
},
{
"db": "NVD",
"id": "CVE-2023-27360"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-01T00:00:00",
"db": "ZDI",
"id": "ZDI-23-496"
},
{
"date": "2024-07-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-33672"
},
{
"date": "2025-01-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-027707"
},
{
"date": "2024-05-03T02:15:14.013000",
"db": "NVD",
"id": "CVE-2023-27360"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-01T00:00:00",
"db": "ZDI",
"id": "ZDI-23-496"
},
{
"date": "2024-07-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-33672"
},
{
"date": "2025-01-06T04:22:00",
"db": "JVNDB",
"id": "JVNDB-2023-027707"
},
{
"date": "2025-01-03T17:32:11.500000",
"db": "NVD",
"id": "CVE-2023-27360"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX30\u00a0 Same-origin policy violation vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027707"
}
],
"trust": 0.8
}
}
VAR-202305-0268
Vulnerability from variot - Updated: 2025-01-07 23:20NETGEAR RAX30 libcms_cli Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the libcms_cli module. The issue results from the lack of proper validation of a user-supplied command before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19838. (DoS) It may be in a state. NETGEAR RAX30 is a dual-band wireless router from NETGEAR
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202305-0268",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax30",
"scope": null,
"trust": 1.3,
"vendor": "netgear",
"version": null
},
{
"model": "rax30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.94"
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax30",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax30 firmware 1.0.10.94"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-498"
},
{
"db": "CNVD",
"id": "CNVD-2024-33908"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027715"
},
{
"db": "NVD",
"id": "CVE-2023-27367"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Claroty Research - Vera Mens, Noam Moshe, Uri Katz, Sharon Brizinov",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-498"
}
],
"trust": 0.7
},
"cve": "CVE-2023-27367",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 5.1,
"id": "CNVD-2024-33908",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2023-27367",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2023-27367",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2023-27367",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-27367",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2023-27367",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2023-27367",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2023-27367",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2024-33908",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-498"
},
{
"db": "CNVD",
"id": "CNVD-2024-33908"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027715"
},
{
"db": "NVD",
"id": "CVE-2023-27367"
},
{
"db": "NVD",
"id": "CVE-2023-27367"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR RAX30 libcms_cli Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. \n\nThe specific flaw exists within the libcms_cli module. The issue results from the lack of proper validation of a user-supplied command before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19838. (DoS) It may be in a state. NETGEAR RAX30 is a dual-band wireless router from NETGEAR",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-27367"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027715"
},
{
"db": "ZDI",
"id": "ZDI-23-498"
},
{
"db": "CNVD",
"id": "CNVD-2024-33908"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-27367",
"trust": 3.9
},
{
"db": "ZDI",
"id": "ZDI-23-498",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027715",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-19838",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2024-33908",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-498"
},
{
"db": "CNVD",
"id": "CNVD-2024-33908"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027715"
},
{
"db": "NVD",
"id": "CVE-2023-27367"
}
]
},
"id": "VAR-202305-0268",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-33908"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-33908"
}
]
},
"last_update_date": "2025-01-07T23:20:45.797000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://kb.netgear.com/000065619/Security-Advisory-for-Multiple-Vulnerabilities-on-the-RAX30-PSV-2022-0348"
},
{
"title": "Patch for NETGEAR RAX30 Command Injection Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/574076"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-498"
},
{
"db": "CNVD",
"id": "CNVD-2024-33908"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": "OS Command injection (CWE-78) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027715"
},
{
"db": "NVD",
"id": "CVE-2023-27367"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://kb.netgear.com/000065619/security-advisory-for-multiple-vulnerabilities-on-the-rax30-psv-2022-0348"
},
{
"trust": 1.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-23-498/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-27367"
},
{
"trust": 0.6,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2023-27367"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-498"
},
{
"db": "CNVD",
"id": "CNVD-2024-33908"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027715"
},
{
"db": "NVD",
"id": "CVE-2023-27367"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-498"
},
{
"db": "CNVD",
"id": "CNVD-2024-33908"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027715"
},
{
"db": "NVD",
"id": "CVE-2023-27367"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-01T00:00:00",
"db": "ZDI",
"id": "ZDI-23-498"
},
{
"date": "2024-07-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-33908"
},
{
"date": "2025-01-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-027715"
},
{
"date": "2024-05-03T02:15:15.250000",
"db": "NVD",
"id": "CVE-2023-27367"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-01T00:00:00",
"db": "ZDI",
"id": "ZDI-23-498"
},
{
"date": "2024-07-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-33908"
},
{
"date": "2025-01-06T06:19:00",
"db": "JVNDB",
"id": "JVNDB-2023-027715"
},
{
"date": "2025-01-03T17:33:54.537000",
"db": "NVD",
"id": "CVE-2023-27367"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX30\u00a0 in the firmware \u00a0OS\u00a0 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027715"
}
],
"trust": 0.8
}
}
CVE-2025-12943 (GCVE-0-2025-12943)
Vulnerability from nvd – Published: 2025-11-11 16:17 – Updated: 2026-01-07 17:09
VLAI?
Title
Improper certificate validation in firmware update logic in NETGEAR RAX30 and RAXE300
Summary
Improper certificate
validation in firmware update logic in NETGEAR RAX30 (Nighthawk AX5 5-Stream
AX2400 WiFi 6 Router) and RAXE300 (Nighthawk AXE7800 Tri-Band
WiFi 6E Router) allows attackers with the ability to intercept and
tamper traffic destined to the device to execute arbitrary commands on the
device.
Devices
with automatic updates enabled may already have this patch applied. If not,
please check the firmware version and update to the
latest.
Fixed in:
RAX30 firmware
1.0.14.108 or later.
RAXE300 firmware
1.0.9.82 or later
Severity ?
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
Credits
rqu4
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12943",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-13T04:55:33.797632Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-07T17:09:48.872Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "RAX30",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "1.0.10.95",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE300",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "1.0.9.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax30:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.0.10.95",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:raxe300:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.0.9.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "rqu4"
}
],
"datePublic": "2025-11-11T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eImproper certificate\nvalidation in firmware update logic in NETGEAR \u003cb\u003eRAX30 \u003c/b\u003e(Nighthawk AX5 5-Stream\nAX2400 WiFi 6 Router)\u003cb\u003e \u003c/b\u003eand\u003cb\u003e \u003c/b\u003e\u003cb\u003eRAXE300\u003c/b\u003e (Nighthawk AXE7800 Tri-Band\nWiFi 6E Router) allows attackers with the ability to intercept and\ntamper traffic destined to the device to execute arbitrary commands on the\ndevice.\u003c/div\u003e\u003cdiv\u003e\u003cp\u003eDevices\nwith automatic updates enabled may already have this patch applied. If not,\nplease check the firmware version and update to the\nlatest.\u003c/p\u003e\n\n\u003cp\u003eFixed in:\u003c/p\u003e\n\n\u003cp\u003eRAX30 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rax30/#download\"\u003efirmware\n1.0.14.108 or later\u003c/a\u003e.\u003c/p\u003e\n\nRAXE300 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/raxe300/#download\"\u003efirmware\n1.0.9.82 or later\u003c/a\u003e\n\n\n\n\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "Improper certificate\nvalidation in firmware update logic in NETGEAR RAX30 (Nighthawk AX5 5-Stream\nAX2400 WiFi 6 Router) and RAXE300 (Nighthawk AXE7800 Tri-Band\nWiFi 6E Router) allows attackers with the ability to intercept and\ntamper traffic destined to the device to execute arbitrary commands on the\ndevice.\n\nDevices\nwith automatic updates enabled may already have this patch applied. If not,\nplease check the firmware version and update to the\nlatest.\n\n\n\nFixed in:\n\n\n\nRAX30 firmware\n1.0.14.108 or later.\n\n\n\nRAXE300 firmware\n1.0.9.82 or later"
}
],
"impacts": [
{
"capecId": "CAPEC-94",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-94 Adversary in the Middle (AiTM)"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:L/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-11T16:17:44.766Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax30"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe300"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070355/NETGEAR-Security-Advisories-November-2025"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices\nwith automatic updates enabled may already have this patch applied. If not,\nplease check the firmware version and update to the\nlatest.\u003c/p\u003e\n\n\u003cp\u003eFixed in:\u003c/p\u003e\n\n\u003cp\u003eRAX30 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rax30/#download\"\u003efirmware\n1.0.14.108 or later\u003c/a\u003e.\u003c/p\u003e\n\nRAXE300 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/raxe300/#download\"\u003efirmware\n1.0.9.82 or later\u003c/a\u003e"
}
],
"value": "Devices\nwith automatic updates enabled may already have this patch applied. If not,\nplease check the firmware version and update to the\nlatest.\n\n\n\nFixed in:\n\n\n\nRAX30 firmware\n1.0.14.108 or later.\n\n\n\nRAXE300 firmware\n1.0.9.82 or later"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper certificate validation in firmware update logic in NETGEAR RAX30 and RAXE300",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2025-12943",
"datePublished": "2025-11-11T16:17:44.766Z",
"dateReserved": "2025-11-10T07:35:29.116Z",
"dateUpdated": "2026-01-07T17:09:48.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12943 (GCVE-0-2025-12943)
Vulnerability from cvelistv5 – Published: 2025-11-11 16:17 – Updated: 2026-01-07 17:09
VLAI?
Title
Improper certificate validation in firmware update logic in NETGEAR RAX30 and RAXE300
Summary
Improper certificate
validation in firmware update logic in NETGEAR RAX30 (Nighthawk AX5 5-Stream
AX2400 WiFi 6 Router) and RAXE300 (Nighthawk AXE7800 Tri-Band
WiFi 6E Router) allows attackers with the ability to intercept and
tamper traffic destined to the device to execute arbitrary commands on the
device.
Devices
with automatic updates enabled may already have this patch applied. If not,
please check the firmware version and update to the
latest.
Fixed in:
RAX30 firmware
1.0.14.108 or later.
RAXE300 firmware
1.0.9.82 or later
Severity ?
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
Credits
rqu4
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12943",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-13T04:55:33.797632Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-07T17:09:48.872Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "RAX30",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "1.0.10.95",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE300",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "1.0.9.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax30:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.0.10.95",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:raxe300:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.0.9.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "rqu4"
}
],
"datePublic": "2025-11-11T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eImproper certificate\nvalidation in firmware update logic in NETGEAR \u003cb\u003eRAX30 \u003c/b\u003e(Nighthawk AX5 5-Stream\nAX2400 WiFi 6 Router)\u003cb\u003e \u003c/b\u003eand\u003cb\u003e \u003c/b\u003e\u003cb\u003eRAXE300\u003c/b\u003e (Nighthawk AXE7800 Tri-Band\nWiFi 6E Router) allows attackers with the ability to intercept and\ntamper traffic destined to the device to execute arbitrary commands on the\ndevice.\u003c/div\u003e\u003cdiv\u003e\u003cp\u003eDevices\nwith automatic updates enabled may already have this patch applied. If not,\nplease check the firmware version and update to the\nlatest.\u003c/p\u003e\n\n\u003cp\u003eFixed in:\u003c/p\u003e\n\n\u003cp\u003eRAX30 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rax30/#download\"\u003efirmware\n1.0.14.108 or later\u003c/a\u003e.\u003c/p\u003e\n\nRAXE300 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/raxe300/#download\"\u003efirmware\n1.0.9.82 or later\u003c/a\u003e\n\n\n\n\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "Improper certificate\nvalidation in firmware update logic in NETGEAR RAX30 (Nighthawk AX5 5-Stream\nAX2400 WiFi 6 Router) and RAXE300 (Nighthawk AXE7800 Tri-Band\nWiFi 6E Router) allows attackers with the ability to intercept and\ntamper traffic destined to the device to execute arbitrary commands on the\ndevice.\n\nDevices\nwith automatic updates enabled may already have this patch applied. If not,\nplease check the firmware version and update to the\nlatest.\n\n\n\nFixed in:\n\n\n\nRAX30 firmware\n1.0.14.108 or later.\n\n\n\nRAXE300 firmware\n1.0.9.82 or later"
}
],
"impacts": [
{
"capecId": "CAPEC-94",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-94 Adversary in the Middle (AiTM)"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:L/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-11T16:17:44.766Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax30"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe300"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070355/NETGEAR-Security-Advisories-November-2025"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices\nwith automatic updates enabled may already have this patch applied. If not,\nplease check the firmware version and update to the\nlatest.\u003c/p\u003e\n\n\u003cp\u003eFixed in:\u003c/p\u003e\n\n\u003cp\u003eRAX30 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rax30/#download\"\u003efirmware\n1.0.14.108 or later\u003c/a\u003e.\u003c/p\u003e\n\nRAXE300 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/raxe300/#download\"\u003efirmware\n1.0.9.82 or later\u003c/a\u003e"
}
],
"value": "Devices\nwith automatic updates enabled may already have this patch applied. If not,\nplease check the firmware version and update to the\nlatest.\n\n\n\nFixed in:\n\n\n\nRAX30 firmware\n1.0.14.108 or later.\n\n\n\nRAXE300 firmware\n1.0.9.82 or later"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper certificate validation in firmware update logic in NETGEAR RAX30 and RAXE300",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2025-12943",
"datePublished": "2025-11-11T16:17:44.766Z",
"dateReserved": "2025-11-10T07:35:29.116Z",
"dateUpdated": "2026-01-07T17:09:48.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}