VYPR

R8500

by Netgear

CVEs (42)

  • CVE-2024-50993Nov 5, 2024
    risk 0.00cvss epss 0.01

    Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sysNewPasswd parameter at admin_account.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.

  • CVE-2024-52020Nov 5, 2024
    risk 0.00cvss epss 0.01

    Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at wiz_fix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.

  • CVE-2024-50996Nov 5, 2024
    risk 0.00cvss epss 0.00

    Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the bpa_server parameter at genie_bpa.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

  • CVE-2024-50999Nov 5, 2024
    risk 0.00cvss epss 0.01

    Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sysNewPasswd parameter at password.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.

  • CVE-2024-51005Nov 5, 2024
    risk 0.00cvss epss 0.01

    Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the share_name parameter at usb_remote_smb_conf.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.

  • CVE-2024-52021Nov 5, 2024
    risk 0.00cvss epss 0.01

    Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at bsw_fix.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.

  • CVE-2022-27946Mar 26, 2022
    risk 0.00cvss epss 0.03

    NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands (such as telnetd) via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to admin_account.cgi.

  • CVE-2022-27947Mar 26, 2022
    risk 0.00cvss epss 0.03

    NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands (such as telnetd) via shell metacharacters in the ipv6_fix.cgi ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length, or ipv6_lan_length parameter.

  • CVE-2022-27945Mar 26, 2022
    risk 0.00cvss epss 0.03

    NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands (such as telnetd) via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to password.cgi.

  • CVE-2020-26918Oct 9, 2020
    risk 0.00cvss epss 0.01

    Certain NETGEAR devices are affected by stored XSS. This affects EX7000 before 1.0.1.78, R6250 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700v3 before 1.0.2.66, R7100LG before 1.0.0.50, R7300DST before 1.0.0.70, R7900 before 1.0.3.8, R8300 before…

  • CVE-2017-18865May 5, 2020
    risk 0.00cvss epss 0.01

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R8300 before 1.0.2.104 and R8500 before 1.0.2.104.

  • CVE-2017-18707Apr 24, 2020
    risk 0.00cvss epss 0.01

    Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R8300 before 1.0.2.106 and R8500 before 1.0.2.106.

  • CVE-2017-18708Apr 24, 2020
    risk 0.00cvss epss 0.00

    Certain NETGEAR devices are affected by CSRF. This affects R8300 before 1.0.2.94 and R8500 before 1.0.2.94.

  • CVE-2017-18709Apr 24, 2020
    risk 0.00cvss epss 0.00

    Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R8300 before 1.0.2.94 and R8500 before 1.0.2.94.

  • CVE-2017-18710Apr 24, 2020
    risk 0.00cvss epss 0.00

    Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R8300 before 1.0.2.106 and R8500 before 1.0.2.106.

  • CVE-2017-18741Apr 23, 2020
    risk 0.00cvss epss 0.00

    Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6250 before 1.0.4.8, R6300v2 before 1.0.4.8, R6700 before 1.0.1.20, R7000 before 1.0.7.10, R7000P before 1.0.0.58, R6900P before 1.0.0.58, R7100LG before 1.0.0.32, R7900 before…

  • CVE-2017-18759Apr 22, 2020
    risk 0.00cvss epss 0.01

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R8300 before 1.0.2.104 and R8500 before 1.0.2.104.

  • CVE-2017-18797Apr 21, 2020
    risk 0.00cvss epss 0.00

    Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects R6400 before 1.0.1.24, R7900 before 1.0.1.18, R8000 before 1.0.3.54, and R8500 before 1.0.2.100.

  • CVE-2017-18842Apr 20, 2020
    risk 0.00cvss epss 0.00

    Certain NETGEAR devices are affected by CSRF. This affects R7300 before 1.0.0.54, R8500 before 1.0.2.94, DGN2200v1 before 1.0.0.55, and D2200D/D2200DW-1FRNAS before 1.0.0.32.

  • CVE-2017-18848Apr 20, 2020
    risk 0.00cvss epss 0.00

    Certain NETGEAR devices are affected by CSRF. This affects R6300v2 before 1.0.0.36, AC1450 before 1.0.0.36, R7300 before 1.0.0.54, and R8500 before 1.0.2.94.