📦 Rax30 Firmware

This vulnerability allows attackers to upload malicious scripts with non-.php extensions that the Netgear RAX30 router's PHP-FPM configuration incorrectly executes as PHP code. This bypasses standard ...

CVE-2023-1327 is an authentication bypass vulnerability in Netgear RAX30 routers that allows unauthenticated attackers to reset the admin password and gain full administrative access to the web manage...

This vulnerability allows attackers who can intercept and modify traffic destined for affected NETGEAR routers to execute arbitrary commands on the device. It affects NETGEAR RAX30 and RAXE300 routers...

This vulnerability allows network-adjacent attackers to execute arbitrary code as root on NETGEAR RAX30 routers without authentication. The flaw exists in the fing_dil service due to improper length v...

This vulnerability allows attackers on the same local network to execute arbitrary commands with root privileges on NETGEAR RAX30 routers without authentication. The flaw exists in the UPnP service du...

This is a critical stack-based buffer overflow vulnerability in NETGEAR RAX30 routers that allows network-adjacent attackers to execute arbitrary code as root without authentication. The flaw exists i...

This vulnerability allows network-adjacent attackers to execute arbitrary code on NETGEAR RAX30 routers without authentication. Attackers can exploit a stack-based buffer overflow in the soap_serverd ...

This vulnerability allows network-adjacent attackers to execute arbitrary code as root on NETGEAR RAX30 routers without authentication, due to a misconfiguration in the lighttpd HTTP server that permi...

This vulnerability allows network-adjacent attackers to execute SQL injection via unauthenticated SOAP requests on NETGEAR RAX30 routers, potentially leading to remote code execution. Attackers can ex...

This CVE describes a stack-based buffer overflow vulnerability in Netgear RAX30 routers' JSON parsing functionality. An authenticated attacker can send a specially crafted HTTP request to execute arbi...

This vulnerability allows attackers to upload malicious firmware to Netgear Nighthawk RAX30 routers by exploiting a hidden 'forceFWUpdate' parameter that bypasses validation checks. This affects all u...

This vulnerability allows network-adjacent attackers to execute arbitrary code as root on NETGEAR RAX30 routers by exploiting a stack-based buffer overflow in the telnet CLI service. Although authenti...

This vulnerability allows physically present attackers to access arbitrary files on NETGEAR RAX30 routers by exploiting improper symbolic link handling on USB media. Attackers can read sensitive syste...

This vulnerability allows network-adjacent attackers to bypass authentication and access plaintext configuration secrets stored on NETGEAR RAX30 routers. Attackers can steal stored credentials like ad...

This vulnerability allows network-adjacent attackers to access sensitive information from NETGEAR RAX30 routers without authentication. The flaw exists in SOAP request handling where authentication ch...