VYPR

Vendor CVEs

Netgear

All CVEs

1,327 total · sorted by risk
  • CVE-2016-1555CriKEVApr 21, 2017
    risk 0.87cvss 9.8epss 0.98

    (1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear WN604 before 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660 before 3.5.5.0 allow remote attackers to execute arbitrary commands.

  • CVE-2016-10174CriKEVJan 30, 2017
    risk 0.85cvss 9.8epss 0.83

    The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL /apply.cgi?/lang_check.html. This buffer overflow can be exploited by an unauthenticated attacker to achieve remote code execution.

  • CVE-2017-6077CriKEVFeb 22, 2017
    risk 0.84cvss 9.8epss 0.68

    ping.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ping_IPAddr field of an HTTP POST request.

  • CVE-2016-6277HigKEVDec 14, 2016
    risk 0.80cvss 8.8epss 1.00

    NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly…

  • CVE-2017-6862CriKEVMay 26, 2017
    risk 0.79cvss 9.8epss 0.43

    NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR ID is PSV-2016-0261.

  • CVE-2017-6334HigKEVMar 6, 2017
    risk 0.78cvss 8.8epss 0.72

    dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the host_name field of an HTTP POST request, a different vulnerability than CVE-2017-6077.

  • CVE-2017-5521HigKEVJan 17, 2017
    risk 0.75cvss 8.1epss 0.89

    An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices. They are prone to password disclosure via simple crafted requests to the web management server. The bug is exploitable remotely…

  • CVE-2016-5674CriAug 31, 2016
    risk 0.74cvss 9.8epss 0.95

    __debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the log parameter.

  • CVE-2016-10176CriJan 30, 2017
    risk 0.73cvss 9.8epss 0.77

    The NETGEAR WNR2000v5 router allows an administrator to perform sensitive actions by invoking the apply.cgi URL on the web server of the device. This special URL is handled by the embedded web server (uhttpd) and processed accordingly. The web server also contains another URL,…

  • CVE-2016-1524CriFeb 13, 2016
    risk 0.73cvss 9.6epss 0.94

    Multiple unrestricted file upload vulnerabilities in NETGEAR Management System NMS300 1.5.0.11 and earlier allow remote attackers to execute arbitrary Java code by using (1) fileUpload.do or (2) lib-1.0/external/flash/fileUpload.do to upload a JSP file, and then accessing it via…

  • CVE-2016-10175CriJan 30, 2017
    risk 0.72cvss 9.8epss 0.65

    The NETGEAR WNR2000v5 router leaks its serial number when performing a request to the /BRS_netgear_success.html URI. This serial number allows a user to obtain the administrator username and password, when used in combination with the CVE-2016-10176 vulnerability that allows…

  • CVE-2016-5675CriAug 31, 2016
    risk 0.72cvss 9.8epss 0.71

    handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, NUUO Crystal 2.2.1 through 3.2.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the NTPServer parameter.

  • CVE-2016-5649CriJul 24, 2018
    risk 0.66cvss 9.8epss 0.27

    A vulnerability is in the 'BSW_cxttongr.htm' page of the Netgear DGN2200, version DGN2200-V1.0.0.50_7.0.50, and DGND3700, version DGND3700-V1.0.0.17_1.0.17, which can allow a remote attacker to access this page without any authentication. When processed, it exposes the admin…

  • CVE-2016-1525HigFeb 13, 2016
    risk 0.65cvss 8.6epss 0.75

    Directory traversal vulnerability in data/config/image.do in NETGEAR Management System NMS300 1.5.0.11 and earlier allows remote authenticated users to read arbitrary files via a .. (dot dot) in the realName parameter.

  • CVE-2016-1557CriApr 21, 2017
    risk 0.64cvss 9.8epss 0.03

    Netgear WNAP320, WNDAP350, and WNDAP360 before 3.5.5.0 reveal wireless passwords and administrative usernames and passwords over SNMP.

  • CVE-2016-10115CriJan 4, 2017
    risk 0.64cvss 9.8epss 0.05

    NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier have a default password of 12345678, which makes it easier for remote attackers to obtain access…

  • CVE-2016-5680HigAug 31, 2016
    risk 0.62cvss 8.8epss 0.17

    Stack-based buffer overflow in cgi-bin/cgi_main in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary code via the sn parameter to the transfer_license command.

  • CVE-2016-5679HigAug 31, 2016
    risk 0.61cvss 8.8epss 0.14

    cgi-bin/cgi_main in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the sn parameter to the transfer_license command.

  • CVE-2017-6366HigMar 15, 2017
    risk 0.60cvss 8.8epss 0.03

    Cross-site request forgery (CSRF) vulnerability in NETGEAR DGN2200 routers with firmware 10.0.0.20 through 10.0.0.50 allows remote attackers to hijack the authentication of users for requests that perform DNS lookups via the host_name parameter to dnslookup.cgi. NOTE: this issue…

  • CVE-2026-3294HigMay 22, 2026
    risk 0.57cvss 8.8epss 0.00

    An authentication logic vulnerability in multiple TP-Link range extenders allows an unauthenticated attacker on an adjacent network to manipulate a login parameter and reset the administrator password due to insufficient validation. Successful exploitation allows an attacker to…

  • CVE-2025-6565HigJun 24, 2025
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in Netgear WNCE3001 1.0.0.50. It has been classified as critical. This affects the function http_d of the component HTTP POST Request Handler. The manipulation of the argument Host leads to stack-based buffer overflow. It is possible to initiate the…

  • CVE-2016-5676HigAug 31, 2016
    risk 0.56cvss 7.5epss 0.54

    cgi-bin/cgi_system in NUUO NVRmini 2 1.7.5 through 2.x, NUUO NVRsolo 1.7.5 through 2.x, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to reset the administrator password via a cmd=loaddefconfig action.

  • CVE-2015-8263HigDec 27, 2015
    risk 0.56cvss 8.6epss 0.02

    NETGEAR WNR1000v3 devices with firmware 1.0.2.68 use the same source port number for every DNS query, which makes it easier for remote attackers to spoof responses by selecting that number for the destination port.

  • CVE-2013-10063MedAug 1, 2025
    risk 0.54cvss epss 0.01

    A path traversal vulnerability exists in the Netgear SPH200D Skype phone firmware versions <= 1.0.4.80 in its embedded web server. Authenticated attackers can exploit crafted GET requests to access arbitrary files outside the web root by injecting traversal sequences. This can…

  • CVE-2025-25246HigFeb 5, 2025
    risk 0.53cvss 8.1epss 0.01

    NETGEAR XR1000 before 1.0.0.74, XR1000v2 before 1.1.0.22, and XR500 before 2.3.2.134 allow remote code execution by unauthenticated users.

  • CVE-2016-10116HigJan 4, 2017
    risk 0.53cvss 8.1epss 0.04

    NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier use a pattern of adjective, noun, and three-digit number for the customized password, which makes it…

  • CVE-2016-5677HigAug 31, 2016
    risk 0.53cvss 7.5epss 0.12

    NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 have a hardcoded qwe23622260 password for the nuuoeng account, which allows remote attackers to obtain sensitive information via an __nvr_status___.php…

  • CVE-2016-5638HigJul 24, 2018
    risk 0.49cvss 7.5epss 0.03

    There are few web pages associated with the genie app on the Netgear WNDR4500 running firmware version V1.0.1.40_1.0.6877. Genie app adds some capabilities over the Web GUI and can be accessed even when you are away from home. A remote attacker can access genie_ping.htm or…

  • CVE-2016-1556HigApr 21, 2017
    risk 0.49cvss 7.5epss 0.03

    Information disclosure in Netgear WN604 before 3.3.3; WNAP210, WNAP320, WNDAP350, and WNDAP360 before 3.5.5.0; and WND930 before 2.0.11 allows remote attackers to read the wireless WPS PIN or passphrase by visiting unauthenticated webpages.

  • CVE-2015-8289HigJun 20, 2016
    risk 0.49cvss 7.5epss 0.02

    The password-recovery feature on NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier allows remote attackers to discover the cleartext administrator password by reading the cgi-bin/passrec.asp HTML source code.

  • CVE-2015-6312HigApr 6, 2016
    risk 0.49cvss 7.5epss 0.02

    Cisco TelePresence Server 3.1 on 7010, Mobility Services Engine (MSE) 8710, Multiparty Media 310 and 320, and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (device reload) via malformed STUN packets, aka Bug ID CSCuv01348.

  • CVE-2016-1349HigMar 26, 2016
    risk 0.49cvss 7.5epss 0.02

    The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 through 3.7 allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in a Smart Install packet, aka Bug ID CSCuv45410.

  • CVE-2016-1348HigMar 26, 2016
    risk 0.49cvss 7.5epss 0.02

    Cisco IOS 15.0 through 15.5 and IOS XE 3.3 through 3.16 allow remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 Relay message, aka Bug ID CSCus55821.

  • CVE-2015-0718HigMar 3, 2016
    risk 0.49cvss 7.5epss 0.04

    Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System (UCS) platforms allows remote attackers to cause a denial of service (TCP stack reload) by sending crafted TCP packets to a device that has a TIME_WAIT TCP session,…

  • CVE-2024-23690HigFeb 4, 2025
    risk 0.47cvss 7.2epss 0.01

    The end-of-life Netgear FVS336Gv2 and FVS336Gv3 are affected by a command injection vulnerability in the Telnet interface. An authenticated and remote attacker can execute arbitrary OS commands as root over Telnet by sending crafted "util backup_configuration" commands.

  • CVE-2026-9213MedJun 9, 2026
    risk 0.45cvss epss 0.00

    A vulnerability in the affected NETGEAR gaming routers allows attackers with the ability to intercept and tamper with traffic between the router and the Internet, to execute code on the device.

  • CVE-2024-12147MedDec 4, 2024
    risk 0.42cvss 6.5epss 0.01

    A vulnerability was found in Netgear R6900 1.0.1.26_1.0.20. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file upgrade_check.cgi of the component HTTP Header Handler. The manipulation of the argument Content-Length leads to…

  • CVE-2024-6646MedJul 10, 2024
    risk 0.42cvss 5.3epss 0.46

    A vulnerability was found in Netgear WN604 up to 20240710. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /downloadFile.php of the component Web Interface. The manipulation of the argument file with the input config leads to…

  • CVE-2016-10106MedJan 3, 2017
    risk 0.42cvss 6.5epss 0.02

    Directory traversal vulnerability in scgi-bin/platform.cgi on NETGEAR FVS336Gv3, FVS318N, FVS318Gv2, and SRX5308 devices with firmware before 4.3.3-8 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the thispage parameter, as demonstrated by…

  • CVE-2025-7407MedJul 10, 2025
    risk 0.41cvss 6.3epss 0.08

    A vulnerability, which was classified as critical, was found in Netgear D6400 1.0.0.114. This affects an unknown part of the file diag.cgi. The manipulation of the argument host_name leads to os command injection. It is possible to initiate the attack remotely. The exploit has…

  • CVE-2015-8288MedJun 20, 2016
    risk 0.39cvss 5.9epss 0.02

    NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier use the same hardcoded private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of…

  • CVE-2016-1344MedMar 26, 2016
    risk 0.39cvss 5.9epss 0.03

    The IKEv2 implementation in Cisco IOS 15.0 through 15.6 and IOS XE 3.3 through 3.17 allows remote attackers to cause a denial of service (device reload) via fragmented packets, aka Bug ID CSCux38417.

  • CVE-2016-1346MedApr 6, 2016
    risk 0.38cvss 5.9epss 0.02

    The kernel in Cisco TelePresence Server 3.0 through 4.2(4.18) on Mobility Services Engine (MSE) 8710 devices allows remote attackers to cause a denial of service (panic and reboot) via a crafted sequence of IPv6 packets, aka Bug ID CSCuu46673.

  • CVE-2026-9212MedJun 9, 2026
    risk 0.36cvss epss 0.00

    Insufficient authentication and input validation in the listed NETGEAR models allow users connected to the local network to execute commands impacting the product's confidentiality or change certain configurations.

  • CVE-2026-9211MedJun 9, 2026
    risk 0.34cvss epss 0.00

    An unauthenticated user on the local network can gain control of the router and make unauthorized changes to its operation.

  • CVE-2024-7153MedJul 27, 2024
    risk 0.34cvss 5.3epss 0.00

    A vulnerability classified as problematic has been found in Netgear WN604 up to 20240719. Affected is an unknown function of the file siteSurvey.php. The manipulation leads to direct request. It is possible to launch the attack remotely. The exploit has been disclosed to the…

  • CVE-2026-9210MedJun 9, 2026
    risk 0.32cvss epss 0.00

    Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.

  • CVE-2026-3088MedJun 9, 2026
    risk 0.32cvss epss 0.00

    Unauthenticated users on the local network can cause the router to become unavailable by sending specially crafted requests.

  • CVE-2026-0409MedJun 9, 2026
    risk 0.31cvss epss 0.00

    A NETGEAR security issue that could allow an attacker with ability to intercept and tamper with traffic between the router and the Internet to run commands on your device when the device administrator performs certain specific management actions. This issue affects NETGEAR…

  • CVE-2026-0420MedJun 9, 2026
    risk 0.30cvss epss 0.00

    An improper implementation of TLS certificate validation vulnerability found in NETGEAR's ReadyCloud client app which could allow an attacker to perform attacker-in-the-middle (MiTM) style attacks impacting the product's confidentiality. This vulnerability affects the listed…

Page 1 of 27