CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Netgear : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2021-27276 22 Dir. Trav. Bypass 2021-03-29 2021-03-30
5.5
None Remote Low ??? None Partial Partial
This vulnerability allows remote attackers to delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the MibController class. When parsing the realName parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-12122.
2 CVE-2021-27275 22 Dir. Trav. Bypass 2021-03-29 2021-03-30
6.5
None Remote Low ??? Partial Partial Partial
This vulnerability allows remote attackers to disclose sensitive information and delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the ConfigFileController class. When parsing the realName parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose sensitive information or to create a denial-of-service condition on the system. Was ZDI-CAN-12125.
3 CVE-2021-27274 434 Exec Code 2021-03-29 2021-03-30
10.0
None Remote Low Not required Complete Complete Complete
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MFileUploadController class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-12124.
4 CVE-2021-27273 78 Exec Code Bypass 2021-03-29 2021-03-30
9.0
None Remote Low ??? Complete Complete Complete
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the SettingConfigController class. When parsing the fileName parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-12121.
5 CVE-2021-27272 22 Dir. Trav. Bypass 2021-03-29 2021-03-30
7.5
None Remote Low ??? None Partial Complete
This vulnerability allows remote attackers to delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the ReportTemplateController class. When parsing the path parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-12123.
6 CVE-2021-20172 732 2021-12-30 2022-07-12
7.2
None Local Low Not required Complete Complete Complete
All known versions of the Netgear Genie Installer for macOS contain a local privilege escalation vulnerability. The installer of the macOS version of Netgear Genie handles certain files in an insecure way. A malicious actor who has local access to the endpoint on which the software is going to be installed may overwrite certain files to obtain privilege escalation to root.
7 CVE-2020-12695 276 2020-06-08 2021-04-23
7.8
None Remote Medium Not required Partial None Complete
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
8 CVE-2019-12591 77 2019-06-03 2019-10-09
6.5
None Remote Low ??? Partial Partial Partial
NETGEAR Insight Cloud with firmware before Insight 5.6 allows remote authenticated users to achieve command injection.
9 CVE-2018-21160 352 CSRF 2020-04-23 2020-04-30
6.8
None Remote Medium Not required Partial Partial Partial
NETGEAR ReadyNAS devices before 6.9.3 are affected by CSRF.
10 CVE-2018-21159 2020-04-27 2020-05-04
4.0
None Remote Low ??? None Partial None
NETGEAR ReadyNAS devices before 6.9.3 are affected by incorrect configuration of security settings.
11 CVE-2018-21102 352 CSRF 2020-04-23 2020-05-07
6.8
None Remote Medium Not required Partial Partial Partial
NETGEAR ReadyNAS devices before 6.9.3 are affected by CSRF.
12 CVE-2017-18861 352 CSRF 2020-04-28 2020-05-05
7.9
None Local Network Medium Not required Complete Complete Complete
Certain NETGEAR devices are affected by CSRF. This affects ReadyNAS Surveillance 1.4.3-15-x86 and earlier and ReadyNAS Surveillance 1.1.4-5-ARM and earlier.
13 CVE-2017-18857 521 Bypass 2020-04-28 2020-05-04
7.5
None Remote Low Not required Partial Partial Partial
The NETGEAR Insight application before 2.42 for Android and iOS is affected by password mismanagement.
14 CVE-2017-18856 74 2020-04-29 2020-05-07
4.6
None Local Low Not required Partial Partial Partial
NETGEAR ReadyNAS devices before 6.6.1 are affected by command injection.
15 CVE-2017-18854 74 2020-04-29 2020-05-07
4.6
None Local Low Not required Partial Partial Partial
NETGEAR ReadyNAS 6.6.1 and earlier is affected by command injection.
16 CVE-2017-18820 79 XSS 2020-04-21 2020-04-24
3.5
None Remote Medium ??? None Partial None
NETGEAR ReadyNAS OS 6 devices running ReadyNAS OS versions prior to 6.8.0 are affected by stored XSS.
17 CVE-2017-18819 2020-04-21 2020-04-29
2.1
None Local Low Not required Partial None None
NETGEAR ReadyNAS OS 6 devices, running ReadyNAS OS versions prior to 6.8.0 are affected by incorrect configuration of security settings.
18 CVE-2017-18816 79 XSS 2020-04-21 2020-04-24
3.5
None Remote Medium ??? None Partial None
NETGEAR ReadyNAS OS 6 devices, running ReadyNAS OS versions prior to 6.8.0 are affected by stored XSS.
19 CVE-2017-18815 79 XSS 2020-04-21 2020-04-24
3.5
None Remote Medium ??? None Partial None
NETGEAR ReadyNAS OS 6 devices, running ReadyNAS OS versions prior to 6.8.0 are affected by stored XSS.
20 CVE-2017-18814 79 XSS 2020-04-21 2020-04-24
3.5
None Remote Medium ??? None Partial None
NETGEAR ReadyNAS OS 6 devices running ReadyNAS OS versions prior to 6.8.0 are affected by stored XSS.
21 CVE-2017-18813 79 XSS 2020-04-21 2020-04-28
3.5
None Remote Medium ??? None Partial None
NETGEAR ReadyNAS OS 6 devices running ReadyNAS OS versions prior to 6.8.0 are affected by stored XSS.
22 CVE-2017-18812 79 XSS 2020-04-21 2020-04-28
3.5
None Remote Medium ??? None Partial None
NETGEAR ReadyNAS OS 6 devices running ReadyNAS OS versions prior to 6.8.0 are affected by stored XSS.
23 CVE-2017-18811 79 XSS 2020-04-21 2020-04-28
3.5
None Remote Medium ??? None Partial None
NETGEAR ReadyNAS OS 6 devices running ReadyNAS OS versions prior to 6.8.0 are affected by stored XSS.
24 CVE-2017-18810 79 XSS 2020-04-21 2020-04-24
3.5
None Remote Medium ??? None Partial None
NETGEAR ReadyNAS OS 6 devices running ReadyNAS OS versions prior to 6.8.0 are affected by stored XSS.
25 CVE-2017-18809 79 XSS 2020-04-21 2020-04-28
3.5
None Remote Medium ??? None Partial None
NETGEAR ReadyNAS OS 6 devices running ReadyNAS OS versions prior to 6.8.0 are affected by stored XSS.
26 CVE-2017-18808 2020-04-21 2020-04-23
4.6
None Local Low Not required Partial Partial Partial
NETGEAR ReadyNAS OS 6 devices running ReadyNAS OS versions prior to 6.8.0 are affected by incorrect configuration of security settings.
27 CVE-2017-18807 79 XSS 2020-04-21 2020-04-24
3.5
None Remote Medium ??? None Partial None
NETGEAR ReadyNAS OS 6 devices running ReadyNAS OS versions prior to 6.8.0 are affected by stored XSS.
28 CVE-2017-2137 Bypass 2017-04-28 2019-10-03
4.3
None Remote Medium Not required None Partial None
ProSAFE Plus Configuration Utility prior to 2.3.29 allows remote attackers to bypass access restriction and change configurations of the switch via SOAP requests.
29 CVE-2016-11058 613 2020-04-28 2020-05-05
5.0
None Remote Low Not required None Partial None
The NETGEAR genie application before 2.4.34 for Android is affected by mishandling of hard-coded API keys and session IDs.
30 CVE-2016-11056 2020-04-28 2020-05-05
9.0
None Remote Low ??? Complete Complete Complete
Certain NETGEAR devices are affected by anonymous root access. This affects ReadyNAS Surveillance 1.1.1-3-armel and earlier and ReadyNAS Surveillance 1.4.1-3-amd64 and earlier.
31 CVE-2016-5680 119 Exec Code Overflow 2016-08-31 2017-09-03
9.0
None Remote Low ??? Complete Complete Complete
Stack-based buffer overflow in cgi-bin/cgi_main in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary code via the sn parameter to the transfer_license command.
32 CVE-2016-5679 78 Exec Code 2016-08-31 2017-09-03
9.0
None Remote Low ??? Complete Complete Complete
cgi-bin/cgi_main in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the sn parameter to the transfer_license command.
33 CVE-2016-5677 200 +Info 2016-08-31 2017-09-03
5.0
None Remote Low Not required Partial None None
NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 have a hardcoded qwe23622260 password for the nuuoeng account, which allows remote attackers to obtain sensitive information via an __nvr_status___.php request.
34 CVE-2016-5676 285 2016-08-31 2017-09-03
5.0
None Remote Low Not required None Partial None
cgi-bin/cgi_system in NUUO NVRmini 2 1.7.5 through 2.x, NUUO NVRsolo 1.7.5 through 2.x, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to reset the administrator password via a cmd=loaddefconfig action.
35 CVE-2016-5675 20 Exec Code 2016-08-31 2017-09-03
10.0
None Remote Low Not required Complete Complete Complete
handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, NUUO Crystal 2.2.1 through 3.2.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the NTPServer parameter.
36 CVE-2016-5674 20 Exec Code 2016-08-31 2017-09-03
10.0
None Remote Low Not required Complete Complete Complete
__debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the log parameter.
37 CVE-2016-1525 22 Dir. Trav. 2016-02-13 2018-10-09
7.8
None Remote Low Not required Complete None None
Directory traversal vulnerability in data/config/image.do in NETGEAR Management System NMS300 1.5.0.11 and earlier allows remote authenticated users to read arbitrary files via a .. (dot dot) in the realName parameter.
38 CVE-2016-1524 Exec Code 2016-02-13 2018-10-09
8.3
None Local Network Low Not required Complete Complete Complete
Multiple unrestricted file upload vulnerabilities in NETGEAR Management System NMS300 1.5.0.11 and earlier allow remote attackers to execute arbitrary Java code by using (1) fileUpload.do or (2) lib-1.0/external/flash/fileUpload.do to upload a JSP file, and then accessing it via a direct request for a /null URI.
39 CVE-2014-4927 119 1 DoS Overflow 2014-07-24 2014-07-25
7.8
None Remote Low Not required None None Complete
Buffer overflow in ACME micro_httpd, as used in D-Link DSL2750U and DSL2740U and NetGear WGR614 and MR-ADSL-DG834 routers allows remote attackers to cause a denial of service (crash) via a long string in the URI in a GET request.
40 CVE-2014-4864 255 +Info 2014-09-10 2014-09-10
3.3
None Local Network Low Not required Partial None None
The NETGEAR ProSafe Plus Configuration Utility creates configuration backup files containing cleartext passwords, which might allow remote attackers to obtain sensitive information by reading a file.
41 CVE-2013-2752 352 CSRF 2013-12-12 2019-07-18
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in frontview/lib/np_handler.pl in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to hijack the authentication of users.
42 CVE-2013-2751 94 1 Exec Code 2013-12-12 2019-07-18
10.0
None Remote Low Not required Complete Complete Complete
Eval injection vulnerability in frontview/lib/np_handler.pl in the FrontView web interface in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to execute arbitrary Perl code via a crafted request, related to the "forgot password workflow."
43 CVE-2012-2439 264 2012-04-28 2012-09-21
7.5
None Remote Low Not required Partial Partial Partial
The default configuration of the NETGEAR ProSafe FVS318N firewall enables web-based administration on the WAN interface, which allows remote attackers to establish an HTTP connection and possibly have unspecified other impact via unknown vectors.
44 CVE-2009-2257 287 1 Bypass 2009-06-30 2018-10-10
7.8
None Remote Low Not required Complete None None
The administrative web interface on the Netgear DG632 with firmware 3.4.0_ap allows remote attackers to bypass authentication via a direct request to (1) gateway/commands/saveconfig.html, and (2) stattbl.htm, (3) modemmenu.htm, (4) onload.htm, (5) form.css, (6) utility.js, and possibly (7) indextop.htm in html/.
45 CVE-2009-2256 20 1 DoS 2009-06-30 2018-10-10
7.8
None Remote Low Not required None None Complete
The administrative web interface on the Netgear DG632 with firmware 3.4.0_ap allows remote attackers to cause a denial of service (web outage) via an HTTP POST request to cgi-bin/firmwarecfg.
46 CVE-2009-0680 22 DoS Dir. Trav. 2009-02-22 2017-09-29
7.8
None Remote Low Not required None None Complete
cgi-bin/welcome/VPN_only in the web interface in Netgear SSL312 allows remote attackers to cause a denial of service (device crash) via a crafted query string, as demonstrated using directory traversal sequences.
47 CVE-2008-6122 20 DoS 2009-02-11 2017-08-08
7.8
None Remote Low Not required None None Complete
The web management interface in Netgear WGR614v9 allows remote attackers to cause a denial of service (crash) via a request that contains a question mark ("?").
48 CVE-2008-1197 20 DoS Exec Code 2008-09-05 2018-10-11
6.3
None Remote Medium ??? None None Complete
The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse the SSID information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a "Null SSID."
49 CVE-2008-1144 20 DoS Exec Code 2008-09-05 2018-10-11
6.3
None Remote Medium ??? None None Complete
The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse EAPoL-Key packets, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a malformed EAPoL-Key packet with a crafted "advertised length."
50 CVE-2007-5562 79 XSS 2007-10-18 2017-07-29
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in cgi-bin/welcome (aka the login page) in Netgear SSL312 PROSAFE SSL VPN-Concentrator 25 allows remote attackers to inject arbitrary web script or HTML via the err parameter in the context of an error page.
Total number of vulnerabilities : 78   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.