📦 R7000P Firmware

by Netgear

🛡️ Security Overview

⚠️ Known Vulnerabilities

CVE-2023-36187

CRITICAL CVSS 9.8 Sep 1, 2023

A buffer overflow vulnerability in NETGEAR R6400v2 routers allows remote unauthenticated attackers to execute arbitrary code by sending a specially crafted URL to the httpd service. This affects all R...

CVE-2022-48322

CRITICAL CVSS 9.8 Feb 13, 2023

A pre-authentication stack-based buffer overflow vulnerability in NETGEAR Nighthawk WiFi Mesh systems and routers allows remote attackers to execute arbitrary code without authentication. This affects...

CVE-2021-45650

CRITICAL CVSS 9.1 Dec 26, 2021

This vulnerability in certain NETGEAR routers allows unauthorized disclosure of sensitive information. Attackers can potentially access confidential data stored on affected devices. Users with specifi...

CVE-2021-45638

CRITICAL CVSS 9.6 Dec 26, 2021

This CVE describes a critical stack-based buffer overflow vulnerability in multiple NETGEAR router models that allows unauthenticated remote attackers to execute arbitrary code. The vulnerability affe...

CVE-2021-45609

CRITICAL CVSS 9.6 Dec 26, 2021

This vulnerability allows unauthenticated remote attackers to execute arbitrary code on affected NETGEAR routers via a buffer overflow. It affects multiple NETGEAR router models running outdated firmw...

CVE-2021-45617

CRITICAL CVSS 9.8 Dec 26, 2021

This vulnerability allows unauthenticated attackers to execute arbitrary commands on affected NETGEAR devices via command injection. It affects multiple NETGEAR routers, extenders, and WiFi systems ru...

CVE-2021-45624

CRITICAL CVSS 9.6 Dec 26, 2021

This vulnerability allows unauthenticated attackers to execute arbitrary commands on affected NETGEAR routers via command injection. It affects multiple NETGEAR router models running vulnerable firmwa...

CVE-2021-45621

CRITICAL CVSS 9.6 Dec 26, 2021

CVE-2021-45621 is a critical command injection vulnerability affecting multiple NETGEAR routers, extenders, and WiFi systems. Unauthenticated attackers can execute arbitrary commands on affected devic...

CVE-2021-45527

CRITICAL CVSS 9.6 Dec 26, 2021

This CVE describes a post-authentication buffer overflow vulnerability in multiple NETGEAR routers, extenders, and WiFi systems. An authenticated attacker could exploit this to execute arbitrary code ...

CVE-2021-45500

CRITICAL CVSS 9.6 Dec 26, 2021

This vulnerability allows attackers to bypass authentication on certain NETGEAR routers, potentially gaining unauthorized access to the device's administrative interface. It affects NETGEAR R7000P rou...

CVE-2021-38528

CRITICAL CVSS 9.6 Aug 11, 2021

This vulnerability allows unauthenticated attackers to execute arbitrary commands on affected NETGEAR devices via command injection. It affects multiple NETGEAR router and gateway models running vulne...

CVE-2021-38516

CRITICAL CVSS 10.0 Aug 11, 2021

This CVE describes a missing function-level access control vulnerability in numerous NETGEAR routers, gateways, and WiFi systems. It allows attackers to bypass authentication and access administrative...

CVE-2020-35795

CRITICAL CVSS 9.8 Dec 30, 2020

This CVE describes a critical buffer overflow vulnerability in multiple NETGEAR routers, range extenders, and Orbi WiFi systems. An unauthenticated attacker can exploit this remotely to execute arbitr...

CVE-2020-35800

CRITICAL CVSS 9.4 Dec 30, 2020

CVE-2020-35800 is a security misconfiguration vulnerability affecting numerous NETGEAR routers, range extenders, and Orbi WiFi systems. It allows attackers to bypass authentication and access administ...

CVE-2025-12945

HIGH CVSS 7.2 Dec 9, 2025

This vulnerability allows authenticated administrators on NETGEAR Nighthawk R7000P routers to execute arbitrary operating system commands through command injection. Attackers with admin credentials ca...

CVE-2024-12988

HIGH CVSS 7.3 Dec 27, 2024

A critical buffer overflow vulnerability in Netgear R6900P and R7000P routers allows remote attackers to execute arbitrary code by sending specially crafted HTTP headers. This affects devices running ...

CVE-2024-52022

HIGH CVSS 8.0 Nov 5, 2024

This CVE describes a command injection vulnerability in specific Netgear router models via the wlg_adv.cgi component's apmode_gateway parameter. Attackers can execute arbitrary operating system comman...

CVE-2024-51021

HIGH CVSS 8.0 Nov 5, 2024

This CVE describes a command injection vulnerability in specific Netgear router models that allows attackers to execute arbitrary operating system commands via the wan_gateway parameter. Attackers can...

CVE-2024-51010

HIGH CVSS 8.0 Nov 5, 2024

This CVE describes a command injection vulnerability in specific Netgear router models that allows attackers to execute arbitrary operating system commands through the ap_mode.cgi component. Attackers...

CVE-2021-34982

HIGH CVSS 8.8 May 7, 2024

This is a critical stack-based buffer overflow vulnerability in NETGEAR routers' httpd service that allows network-adjacent attackers to execute arbitrary code as root without authentication. It affec...

CVE-2022-27642

HIGH CVSS 8.8 Mar 29, 2023

This vulnerability allows network-adjacent attackers to bypass authentication on NETGEAR R6700v3 routers by exploiting incorrect string matching logic in the httpd service. Attackers can combine this ...

CVE-2022-27644

HIGH CVSS 8.8 Mar 29, 2023

CVE-2022-27644 is a certificate validation vulnerability in NETGEAR R6700v3 routers that allows network-adjacent attackers to intercept HTTPS downloads. This can lead to arbitrary code execution as ro...

CVE-2022-27646

HIGH CVSS 8.8 Mar 29, 2023

This vulnerability allows network-adjacent attackers to bypass authentication and execute arbitrary code with root privileges on NETGEAR R6700v3 routers by exploiting a stack-based buffer overflow in ...

CVE-2021-45649

HIGH CVSS 7.9 Dec 26, 2021

This vulnerability in certain NETGEAR routers allows unauthorized disclosure of sensitive information. Attackers can potentially access confidential data stored on affected devices. Users of specific ...

CVE-2021-45553

HIGH CVSS 8.7 Dec 26, 2021

This vulnerability allows authenticated attackers to execute arbitrary commands on affected NETGEAR routers. It affects R7000, R6900P, and R7000P models running outdated firmware versions. Attackers m...

CVE-2021-45549

HIGH CVSS 8.4 Dec 26, 2021

This vulnerability allows authenticated users to execute arbitrary commands on affected NETGEAR routers, extenders, and WiFi systems. Attackers with valid credentials can inject malicious commands thr...

CVE-2021-45526

HIGH CVSS 7.3 Dec 26, 2021

This vulnerability allows an authenticated attacker to trigger a buffer overflow on affected NETGEAR routers and extenders. Successful exploitation could lead to arbitrary code execution or device com...

CVE-2021-45529

HIGH CVSS 7.3 Dec 26, 2021

This vulnerability allows an authenticated attacker to trigger a buffer overflow on affected NETGEAR routers. Successful exploitation could lead to remote code execution or denial of service. Only use...

CVE-2021-45512

HIGH CVSS 8.6 Dec 26, 2021

This vulnerability affects multiple NETGEAR routers and extenders that use weak cryptography implementations, potentially allowing attackers to decrypt sensitive communications or bypass authenticatio...

CVE-2021-45499

HIGH CVSS 8.2 Dec 26, 2021

This vulnerability allows attackers to bypass authentication on affected NETGEAR routers, potentially gaining unauthorized access to administrative interfaces. It affects specific NETGEAR router model...

CVE-2021-34991

HIGH CVSS 8.8 Nov 15, 2021

This is a critical buffer overflow vulnerability in NETGEAR R6400v2 routers that allows network-adjacent attackers to execute arbitrary code as root without authentication. The flaw exists in the UPnP...

CVE-2021-40847

HIGH CVSS 8.1 Sep 21, 2021

This vulnerability allows remote attackers to execute arbitrary code as root on affected NETGEAR routers via a man-in-the-middle attack. The Circle update daemon downloads unsigned updates over HTTP, ...

CVE-2021-27239

HIGH CVSS 8.8 Mar 29, 2021

This vulnerability allows attackers on the same network to execute arbitrary code as root on NETGEAR R6400 and R6700 routers without authentication. The flaw exists in the upnpd service, where a craft...

CVE-2021-29080

HIGH CVSS 8.1 Mar 23, 2021

This vulnerability allows unauthenticated attackers to reset passwords on affected NETGEAR routers and WiFi systems. Attackers can gain administrative access without credentials, compromising network ...

CVE-2024-52024

MEDIUM CVSS 5.7 Nov 5, 2024

This vulnerability allows attackers to cause a Denial of Service (DoS) on affected Netgear routers by sending a specially crafted POST request that triggers a stack overflow in the pppoe_localip param...

CVE-2024-52026

MEDIUM CVSS 5.7 Nov 5, 2024

This vulnerability allows attackers to cause a Denial of Service (DoS) on affected Netgear routers by sending a specially crafted POST request that triggers a stack overflow in the pppoe_localip param...

CVE-2024-52029

MEDIUM CVSS 5.7 Nov 5, 2024

This vulnerability in Netgear R7000P routers allows attackers to trigger a stack overflow via the pptp_user_netmask parameter in the genie_pptp.cgi script. Attackers can cause a Denial of Service (DoS...

CVE-2024-52013

MEDIUM CVSS 5.7 Nov 5, 2024

This vulnerability is a stack overflow in Netgear routers' pptp_user_ip parameter at wiz_pptp.cgi. Attackers can exploit it via crafted POST requests to cause Denial of Service (DoS), potentially cras...

CVE-2024-52015

MEDIUM CVSS 5.7 Nov 5, 2024

This vulnerability is a stack overflow in specific Netgear router models via the pptp_user_ip parameter in the bsw_pptp.cgi script. Attackers can exploit it by sending a crafted POST request to cause ...

CVE-2024-51018

MEDIUM CVSS 5.7 Nov 5, 2024

This vulnerability in Netgear R7000P routers allows attackers to cause a Denial of Service (DoS) by sending a specially crafted POST request to the pptp.cgi endpoint. The stack overflow in the pptp_us...

CVE-2024-51020

MEDIUM CVSS 5.7 Nov 5, 2024

This vulnerability in Netgear R7000P routers allows attackers to trigger a stack overflow via the apn parameter in usbISP_detail_edit.cgi, leading to Denial of Service (DoS). Attackers can exploit thi...

CVE-2024-51003

MEDIUM CVSS 5.7 Nov 5, 2024

Multiple Netgear router models contain stack overflow vulnerabilities in the ap_mode.cgi component via DNS parameters. Attackers can exploit these vulnerabilities by sending crafted POST requests to c...

CVE-2024-50997

MEDIUM CVSS 5.7 Nov 5, 2024

This vulnerability allows attackers to cause a Denial of Service (DoS) on affected Netgear routers by sending a specially crafted POST request to the pptp.cgi endpoint. The stack overflow in the pptp_...