Total
150 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-52013 | 1 Netgear | 8 R6400v2, R6400v2 Firmware, R7000p and 5 more | 2025-05-21 | N/A | 5.7 MEDIUM |
| Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at wiz_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-52014 | 1 Netgear | 8 R6400v2, R6400v2 Firmware, R7000p and 5 more | 2025-05-21 | N/A | 5.7 MEDIUM |
| Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at genie_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-52015 | 1 Netgear | 8 R6400v2, R6400v2 Firmware, R7000p and 5 more | 2025-05-21 | N/A | 5.7 MEDIUM |
| Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at bsw_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-52016 | 1 Netgear | 8 R6400v2, R6400v2 Firmware, R7000p and 5 more | 2025-05-21 | N/A | 5.7 MEDIUM |
| Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to multiple stack overflow vulnerabilities in the component wlg_adv.cgi via the apmode_dns1_pri and apmode_dns1_sec parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-52022 | 1 Netgear | 8 R6400v2, R6400v2 Firmware, R7000p and 5 more | 2025-05-21 | N/A | 8.0 HIGH |
| Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a command injection vulnerability in the component wlg_adv.cgi via the apmode_gateway parameter. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. | |||||
| CVE-2024-51011 | 1 Netgear | 6 R6400v2, R6400v2 Firmware, R7000p and 3 more | 2025-05-21 | N/A | 5.7 MEDIUM |
| Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-51021 | 1 Netgear | 6 R6400v2, R6400v2 Firmware, R7000p and 3 more | 2025-05-21 | N/A | 8.0 HIGH |
| Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a command injection vulnerability via the wan_gateway parameter at genie_fix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. | |||||
| CVE-2024-52023 | 1 Netgear | 6 R6400v2, R6400v2 Firmware, R7000p and 3 more | 2025-05-21 | N/A | 5.7 MEDIUM |
| Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at pppoe2.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-52024 | 1 Netgear | 6 R6400v2, R6400v2 Firmware, R7000p and 3 more | 2025-05-21 | N/A | 5.7 MEDIUM |
| Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at wizpppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-52025 | 1 Netgear | 6 R6400v2, R6400v2 Firmware, R7000p and 3 more | 2025-05-21 | N/A | 5.7 MEDIUM |
| Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at geniepppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-52026 | 1 Netgear | 6 R6400v2, R6400v2 Firmware, R7000p and 3 more | 2025-05-21 | N/A | 5.7 MEDIUM |
| Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at bsw_pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-51010 | 1 Netgear | 8 R6400v2, R6400v2 Firmware, R7000p and 5 more | 2025-05-21 | N/A | 8.0 HIGH |
| Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a command injection vulnerability in the component ap_mode.cgi via the apmode_gateway parameter. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. | |||||
| CVE-2024-50996 | 1 Netgear | 8 R6400v2, R6400v2 Firmware, R7000p and 5 more | 2025-05-07 | N/A | 5.7 MEDIUM |
| Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the bpa_server parameter at genie_bpa.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-51003 | 1 Netgear | 8 R6400v2, R6400v2 Firmware, R7000p and 5 more | 2025-05-07 | N/A | 5.7 MEDIUM |
| Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to multiple stack overflow vulnerabilities in the component ap_mode.cgi via the apmode_dns1_pri and apmode_dns1_sec parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-51013 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-05-02 | N/A | 5.7 MEDIUM |
| Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the RADIUSAddr%d_wla parameter at wireless.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-51015 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-05-02 | N/A | 5.7 MEDIUM |
| Netgear R7000P v1.3.3.154 was discovered to contain a command injection vulnerability via the device_name2 parameter at operation_mode.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. | |||||
| CVE-2024-51017 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-05-02 | N/A | 5.7 MEDIUM |
| Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the l2tp_user_netmask parameter at l2tp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-51018 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-05-02 | N/A | 5.7 MEDIUM |
| Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptp_user_netmask parameter at pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-51019 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-05-02 | N/A | 5.7 MEDIUM |
| Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pppoe_localnetmask parameter at pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-51020 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-05-02 | N/A | 5.7 MEDIUM |
| Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the apn parameter at usbISP_detail_edit.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||