Vendor CVEs
Netgear
All CVEs
1,327 total · sorted by risk

| CVE | Risk | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-2032 | 0.03 | — | 0.03 | May 24, 2004 | Netgear RP114 allows remote attackers to bypass the keyword based URL filtering by requesting a long URL, as demonstrated using a large number of %20 (hex-encoded space) sequences. |
| CVE-2003-1427 | 0.03 | — | 0.03 | Dec 31, 2003 | Directory traversal vulnerability in the web configuration interface in Netgear FM114P 1.4 allows remote attackers to read arbitrary files, such as the netgear.cfg configuration file, via a hex-encoded (%2e%2e%2f) ../ (dot dot slash) in the port parameter. |
| CVE-2024-42756 | 0.02 | — | 0.14 | Aug 23, 2024 | An issue in Netgear DGN1000WW v.1.1.00.45 allows a remote attacker to execute arbitrary code via the Diagnostics page |
| CVE-2023-50231 | 0.02 | — | 0.53 | May 3, 2024 | NETGEAR ProSAFE Network Management System saveNodeLabel Cross-Site Scripting Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. Minimal user interaction is… |
| CVE-2023-38095 | 0.02 | — | 0.62 | May 3, 2024 | NETGEAR ProSAFE Network Management System MFileUploadController Unrestricted File Upload Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Although… |
| CVE-2024-30569 | 0.02 | — | 0.02 | Apr 3, 2024 | An information leak in currentsetting.htm of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required. |
| CVE-2024-30571 | 0.02 | — | 0.14 | Apr 3, 2024 | An information leak in the BRS_top.html component of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required. |
| CVE-2023-38925 | 0.02 | — | 0.15 | Aug 7, 2023 | Netgear DC112A 1.0.0.64, EX6200 1.0.3.94 and R6300v2 1.0.4.8 were discovered to contain a buffer overflow via the http_passwd parameter in password.cgi. |
| CVE-2020-15636 | 0.02 | — | 0.09 | Aug 19, 2020 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R6400, R6700, R7000, R7850, R7900, R8000, RS400, and XR300 routers with firmware 1.0.4.84_10.0.58. Authentication is not required to exploit this vulnerability. The specific… |
| CVE-2024-57230 | 0.01 | — | 0.01 | May 5, 2025 | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function. |
| CVE-2024-57232 | 0.01 | — | 0.01 | May 5, 2025 | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function. |
| CVE-2024-57234 | 0.01 | — | 0.01 | May 5, 2025 | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function. |
| CVE-2024-57233 | 0.01 | — | 0.01 | May 5, 2025 | NETGEAR RAX5 (AX1600 WiFi Router) v1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function. |
| CVE-2024-57229 | 0.01 | — | 0.01 | May 5, 2025 | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function. |
| CVE-2024-57235 | 0.01 | — | 0.01 | May 5, 2025 | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_enable function. |
| CVE-2024-57231 | 0.01 | — | 0.01 | May 5, 2025 | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function. |
| CVE-2025-29044 | 0.01 | — | 0.01 | Apr 17, 2025 | Buffer Overflow vulnerability in Netgear- R61 router V1.0.1.28 allows a remote attacker to execute arbitrary code via the QUERY_STRING key value |
| CVE-2025-28219 | 0.01 | — | 0.12 | Mar 28, 2025 | Netgear DC112A V1.0.0.64 has an OS command injection vulnerability in the usb_adv.cgi, which allows remote attackers to execute arbitrary commands via parameter "deviceName" passed to the binary through a POST request. |
| CVE-2024-35517 | 0.01 | — | 0.14 | Oct 11, 2024 | Netgear XR1000 v1.0.0.64 is vulnerable to command injection in usb_remote_smb_conf.cgi via the share_name parameter. |
| CVE-2024-6814 | 0.01 | — | 0.02 | Aug 21, 2024 | NETGEAR ProSAFE Network Management System getFilterString SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to… |
| CVE-2024-6813 | 0.01 | — | 0.02 | Aug 21, 2024 | NETGEAR ProSAFE Network Management System getSortString SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to… |
| CVE-2023-44449 | 0.01 | — | 0.53 | May 3, 2024 | NETGEAR ProSAFE Network Management System clearAlertByIds SQL Injection Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to… |
| CVE-2024-30570 | 0.01 | — | 0.01 | Apr 3, 2024 | An information leak in debuginfo.htm of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required. |
| CVE-2023-49007 | 0.01 | — | 0.09 | Dec 8, 2023 | In Netgear Orbi RBR750 firmware before V7.2.6.21, there is a stack-based buffer overflow in /usr/sbin/httpd. |
| CVE-2023-34563 | 0.01 | — | 0.14 | Jun 20, 2023 | netgear R6250 Firmware Version 1.0.4.48 is vulnerable to Buffer Overflow after authentication. |
| CVE-2023-33533 | 0.01 | — | 0.03 | Jun 6, 2023 | Netgear D6220 with Firmware Version 1.0.0.80, D8500 with Firmware Version 1.0.3.60, R6700 with Firmware Version 1.0.2.26, and R6900 with Firmware Version 1.0.2.26 are vulnerable to Command Injection. If an attacker gains web management privileges, they can inject commands into… |
| CVE-2023-33532 | 0.01 | — | 0.19 | Jun 6, 2023 | There is a command injection vulnerability in the Netgear R6250 router with Firmware Version 1.0.4.48. If an attacker gains web management privileges, they can inject commands into the post request parameters, thereby gaining shell privileges. |
| CVE-2022-27646 | 0.01 | — | 0.01 | Mar 29, 2023 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The… |
| CVE-2022-30079 | 0.01 | — | 0.24 | Sep 8, 2022 | Command injection vulnerability was discovered in Netgear R6200 v2 firmware through R6200v2-V1.0.3.12 via binary /sbin/acos_service that could allow remote authenticated attackers the ability to modify values in the vulnerable parameter. |
| CVE-2021-20173 | 0.01 | — | 0.03 | Dec 30, 2021 | Netgear Nighthawk R6700 version 1.0.4.120 contains a command injection vulnerability in update functionality of the device. By triggering a system update check via the SOAP interface, the device is susceptible to command injection via preconfigured values. |
| CVE-2021-33514 | 0.01 | — | 0.09 | May 21, 2021 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker via the vulnerable /sqfs/lib/libsal.so.0.0 library used by a CGI application, as demonstrated by setup.cgi?token=';$HTTP_USER_AGENT;' with an OS command in the User-Agent field. This affects… |
| CVE-2020-15416 | 0.01 | — | 0.06 | Jul 28, 2020 | This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on… |
| CVE-2019-5054 | 0.01 | — | 0.03 | Sep 11, 2019 | An exploitable denial-of-service vulnerability exists in the session handling functionality of the NETGEAR N300 (WNR2000v5 with Firmware Version V1.0.0.70) HTTP server. An HTTP request with an empty User-Agent string sent to a page requiring authentication can cause a null… |
| CVE-2017-18378 | 0.01 | — | 0.08 | Jun 11, 2019 | In NETGEAR ReadyNAS Surveillance before 1.4.3-17 x86 and before 1.1.4-7 ARM, $_GET['uploaddir'] is not escaped and is passed to system() through $tmp_upload_dir, leading to upgrade_handle.php?cmd=writeuploaddir remote command execution. |
| CVE-2022-40620 | 0.00 | — | 0.00 | Jan 28, 2026 | FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, does not properly validate TLS certificates when downloading update packages through its auto-update mechanism. An attacker (suitably positioned on the network) could intercept the update… |
| CVE-2022-40619 | 0.00 | — | 0.02 | Jan 28, 2026 | FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, exposes an HTTP server over the LAN interface of affected devices. This interface is vulnerable to unauthenticated arbitrary command injection through the funjsq_access_token parameter. This… |
| CVE-2026-0404 | 0.00 | — | 0.01 | Jan 13, 2026 | An insufficient input validation vulnerability in NETGEAR Orbi devices' DHCPv6 functionality allows network adjacent attackers authenticated over WiFi or on LAN to execute OS command injections on the router. DHCPv6 is not enabled by default. |
| CVE-2026-0408 | 0.00 | — | 0.00 | Jan 13, 2026 | A path traversal vulnerability in NETGEAR WiFi range extenders allows an attacker with LAN authentication to access the router's IP and review the contents of the dynamically generated webproc file, which records the username and password submitted to the router GUI. |
| CVE-2026-0407 | 0.00 | — | 0.00 | Jan 13, 2026 | An insufficient authentication vulnerability in NETGEAR WiFi range extenders allows a network adjacent attacker with WiFi authentication or a physical Ethernet port connection to bypass the authentication process and access the admin panel. |
| CVE-2026-0406 | 0.00 | — | 0.00 | Jan 13, 2026 | An insufficient input validation vulnerability in the NETGEAR XR1000v2 allows attackers connected to the router's LAN to execute OS command injections. |
| CVE-2026-0405 | 0.00 | — | 0.00 | Jan 13, 2026 | An authentication bypass vulnerability in NETGEAR Orbi devices allows users connected to the local network to access the router web interface as an admin. |
| CVE-2026-0403 | 0.00 | — | 0.00 | Jan 13, 2026 | An insufficient input validation vulnerability in NETGEAR Orbi routers allows attackers connected to the router's LAN to execute OS command injections. |
| CVE-2025-50526 | 0.00 | — | 0.01 | Dec 23, 2025 | Netgear EX8000 V1.0.0.126 was discovered to contain a command injection vulnerability via the switch_status function. |
| CVE-2025-45493 | 0.00 | — | 0.01 | Dec 23, 2025 | Netgear EX8000 V1.0.0.126 is vulnerable to Command Injection via the iface parameter in the action_bandwidth function. |
| CVE-2025-12946 | 0.00 | — | 0.00 | Dec 9, 2025 | A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques (MiTM) to manipulate DNS responses and execute commands when speedtests are… |
| CVE-2025-12945 | 0.00 | — | 0.02 | Dec 9, 2025 | A vulnerability in NETGEAR Nighthawk R7000P routers lets an authenticated admin execute OS command injections due to improper input validation. This issue affects R7000P: through 1.3.3.154. |
| CVE-2025-12941 | 0.00 | — | 0.00 | Dec 9, 2025 | Denial of Service Vulnerability in NETGEAR C6220 and C6230 (DOCSIS® 3.0 Two-in-one Cable Modem + WiFi Router) allows authenticated local WiFi users to reboot the router. |
| CVE-2025-12944 | 0.00 | — | 0.00 | Nov 11, 2025 | Improper input validation in NETGEAR DGN2200v4 (N300 Wireless ADSL2+ Modem Router) allows attackers with direct network access to the device to potentially execute code on the device. Please check the firmware version and update to the latest. Fixed in: DGN2200v4… |
| CVE-2025-12943 | 0.00 | — | 0.00 | Nov 11, 2025 | Improper certificate validation in firmware update logic in NETGEAR RAX30 (Nighthawk AX5 5-Stream AX2400 WiFi 6 Router) and RAXE300 (Nighthawk AXE7800 Tri-Band WiFi 6E Router) allows attackers with the ability to intercept and tamper traffic destined to the device to execute… |
| CVE-2025-12942 | 0.00 | — | 0.00 | Nov 11, 2025 | Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to perform command execution. This issue affects R6260: through 1.1.0.86; R6850: through… |