📦 R8500 Firmware

by Netgear

⚠️ Known Vulnerabilities

CVE-2021-45609

CRITICAL CVSS 9.6 Dec 26, 2021

This vulnerability allows unauthenticated remote attackers to execute arbitrary code on affected NETGEAR routers via a buffer overflow. It affects multiple NETGEAR router models running outdated firmw...

CVE-2021-45611

CRITICAL CVSS 9.6 Dec 26, 2021

This CVE describes a critical buffer overflow vulnerability in multiple NETGEAR router models that allows unauthenticated remote attackers to execute arbitrary code. The vulnerability affects specific...

CVE-2021-45615

CRITICAL CVSS 9.6 Dec 26, 2021

This vulnerability allows unauthenticated attackers to execute arbitrary commands on affected NETGEAR routers and WiFi systems through command injection. It affects multiple NETGEAR models with specif...

CVE-2021-45621

CRITICAL CVSS 9.6 Dec 26, 2021

CVE-2021-45621 is a critical command injection vulnerability affecting multiple NETGEAR routers, extenders, and WiFi systems. Unauthenticated attackers can execute arbitrary commands on affected devic...

CVE-2021-45624

CRITICAL CVSS 9.6 Dec 26, 2021

This vulnerability allows unauthenticated attackers to execute arbitrary commands on affected NETGEAR routers via command injection. It affects multiple NETGEAR router models running vulnerable firmwa...

CVE-2021-45527

CRITICAL CVSS 9.6 Dec 26, 2021

This CVE describes a post-authentication buffer overflow vulnerability in multiple NETGEAR routers, extenders, and WiFi systems. An authenticated attacker could exploit this to execute arbitrary code ...

CVE-2020-35800

CRITICAL CVSS 9.4 Dec 30, 2020

CVE-2020-35800 is a security misconfiguration vulnerability affecting numerous NETGEAR routers, range extenders, and Orbi WiFi systems. It allows attackers to bypass authentication and access administ...

CVE-2024-52022

HIGH CVSS 8.0 Nov 5, 2024

This CVE describes a command injection vulnerability in specific Netgear router models via the wlg_adv.cgi component's apmode_gateway parameter. Attackers can execute arbitrary operating system comman...

CVE-2024-52020

HIGH CVSS 8.0 Nov 5, 2024

This CVE describes a command injection vulnerability in Netgear R8500 routers that allows attackers to execute arbitrary operating system commands by sending specially crafted requests to the wiz_fix2...

CVE-2024-51005

HIGH CVSS 8.0 Nov 5, 2024

This vulnerability allows attackers to execute arbitrary operating system commands on Netgear R8500 routers by sending specially crafted requests to the usb_remote_smb_conf.cgi endpoint. Attackers can...

CVE-2024-51010

HIGH CVSS 8.0 Nov 5, 2024

This CVE describes a command injection vulnerability in specific Netgear router models that allows attackers to execute arbitrary operating system commands through the ap_mode.cgi component. Attackers...

CVE-2024-50993

HIGH CVSS 8.0 Nov 5, 2024

This vulnerability allows attackers to execute arbitrary operating system commands on Netgear R8500 routers by sending specially crafted requests to the admin_account.cgi endpoint. Attackers can gain ...

CVE-2021-34982

HIGH CVSS 8.8 May 7, 2024

This is a critical stack-based buffer overflow vulnerability in NETGEAR routers' httpd service that allows network-adjacent attackers to execute arbitrary code as root without authentication. It affec...

CVE-2022-27642

HIGH CVSS 8.8 Mar 29, 2023

This vulnerability allows network-adjacent attackers to bypass authentication on NETGEAR R6700v3 routers by exploiting incorrect string matching logic in the httpd service. Attackers can combine this ...

CVE-2022-27945

HIGH CVSS 8.8 Mar 26, 2022

CVE-2022-27945 is a command injection vulnerability in NETGEAR R8500 routers that allows authenticated remote attackers to execute arbitrary commands via shell metacharacters in password change parame...

CVE-2022-27947

HIGH CVSS 8.8 Mar 26, 2022

This vulnerability allows remote authenticated attackers to execute arbitrary commands on NETGEAR R8500 routers by injecting shell metacharacters into CGI parameters. Attackers can gain full system co...

CVE-2021-45512

HIGH CVSS 8.6 Dec 26, 2021

This vulnerability affects multiple NETGEAR routers and extenders that use weak cryptography implementations, potentially allowing attackers to decrypt sensitive communications or bypass authenticatio...

CVE-2021-34991

HIGH CVSS 8.8 Nov 15, 2021

This is a critical buffer overflow vulnerability in NETGEAR R6400v2 routers that allows network-adjacent attackers to execute arbitrary code as root without authentication. The flaw exists in the UPnP...

CVE-2021-27239

HIGH CVSS 8.8 Mar 29, 2021

This vulnerability allows attackers on the same network to execute arbitrary code as root on NETGEAR R6400 and R6700 routers without authentication. The flaw exists in the upnpd service, where a craft...

CVE-2024-52013

MEDIUM CVSS 5.7 Nov 5, 2024

This vulnerability is a stack overflow in Netgear routers' pptp_user_ip parameter at wiz_pptp.cgi. Attackers can exploit it via crafted POST requests to cause Denial of Service (DoS), potentially cras...

CVE-2024-52015

MEDIUM CVSS 5.7 Nov 5, 2024

This vulnerability is a stack overflow in specific Netgear router models via the pptp_user_ip parameter in the bsw_pptp.cgi script. Attackers can exploit it by sending a crafted POST request to cause ...

CVE-2024-51012

MEDIUM CVSS 5.7 Nov 5, 2024

This vulnerability in Netgear R8500 routers allows attackers to cause a Denial of Service (DoS) by sending a specially crafted POST request to the ipv6_fix.cgi endpoint. The stack overflow in the ipv6...

CVE-2024-51001

MEDIUM CVSS 5.7 Nov 5, 2024

This vulnerability in Netgear R8500 routers allows attackers to trigger a stack overflow via the sysDNSHost parameter in ddns.cgi, causing a Denial of Service (DoS) through a crafted POST request. It ...

CVE-2024-51003

MEDIUM CVSS 5.7 Nov 5, 2024

Multiple Netgear router models contain stack overflow vulnerabilities in the ap_mode.cgi component via DNS parameters. Attackers can exploit these vulnerabilities by sending crafted POST requests to c...

CVE-2024-50995

MEDIUM CVSS 5.7 Nov 5, 2024

This vulnerability in Netgear R8500 routers allows attackers to cause a Denial of Service (DoS) by sending a specially crafted POST request to the usb_remote_smb_conf.cgi endpoint. The stack overflow ...

CVE-2024-50997

MEDIUM CVSS 5.7 Nov 5, 2024

This vulnerability allows attackers to cause a Denial of Service (DoS) on affected Netgear routers by sending a specially crafted POST request to the pptp.cgi endpoint. The stack overflow in the pptp_...

CVE-2024-50999

MEDIUM CVSS 5.7 Nov 5, 2024

This CVE describes a command injection vulnerability in Netgear R8500 routers where attackers can execute arbitrary operating system commands by sending specially crafted requests to the password.cgi ...