Netgear Security Vulnerabilities (CVEs)
Track 274 security vulnerabilities affecting Netgear products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
A path traversal vulnerability in NETGEAR WiFi range extenders allows authenticated LAN attackers to access sensitive webproc files containing router ...
Jan 13, 2026An insufficient input validation vulnerability in NETGEAR Orbi routers' DHCPv6 functionality allows authenticated attackers on the same network (WiFi ...
Jan 13, 2026An authentication bypass vulnerability in NETGEAR Orbi routers allows local network users to access the administrative web interface without credentia...
Jan 13, 2026An insufficient input validation vulnerability in NETGEAR Orbi routers allows attackers on the local network to execute arbitrary OS commands through ...
Jan 13, 2026An insufficient input validation vulnerability in NETGEAR XR1000v2 routers allows attackers on the local network to execute arbitrary operating system...
Jan 13, 2026This CVE describes an authentication bypass vulnerability in NETGEAR WiFi range extenders that allows attackers on the same network to access the admi...
Jan 13, 2026This vulnerability allows authenticated local WiFi users to cause a denial of service by rebooting NETGEAR C6220 and C6230 cable modem/router devices....
Dec 9, 2025This vulnerability allows authenticated administrators on NETGEAR Nighthawk R7000P routers to execute arbitrary operating system commands through comm...
Dec 9, 2025This vulnerability in NETGEAR Nighthawk routers allows attackers on the WAN side to execute commands by manipulating DNS responses during speedtests. ...
Dec 9, 2025NETGEAR WAX610 and WAX610Y access points inadvertently record login credentials in syslog files when a syslog server is configured. This allows anyone...
Nov 11, 2025An improper input validation vulnerability in NETGEAR R6260 and R6850 routers allows unauthenticated attackers on the local network who can perform ma...
Nov 11, 2025This vulnerability allows attackers who can intercept and modify traffic destined for affected NETGEAR routers to execute arbitrary commands on the de...
Nov 11, 2025This vulnerability allows attackers with direct network access to the NETGEAR DGN2200v4 router to potentially execute arbitrary code on the device due...
Nov 11, 2025This CVE describes an authenticated OS command injection vulnerability in Netgear DGN1000B routers that allows authenticated attackers to execute arbi...
Aug 1, 2025This vulnerability allows attackers to upload malicious scripts with non-.php extensions that the Netgear RAX30 router's PHP-FPM configuration incorre...
Jul 21, 2025A stack-based buffer overflow vulnerability in Netgear XR300 routers allows attackers to execute arbitrary code or crash the device by sending special...
Jul 15, 2025This critical vulnerability in Netgear D6400 routers allows remote attackers to execute arbitrary operating system commands via command injection in t...
Jul 10, 2025A critical stack-based buffer overflow vulnerability in Netgear EX6150 firmware allows remote attackers to execute arbitrary code or crash the device....
Jun 23, 2025A critical stack-based buffer overflow vulnerability in Netgear EX6100 firmware allows remote attackers to execute arbitrary code on affected devices....
Jun 23, 2025A critical stack-based buffer overflow vulnerability in Netgear EX3700 devices allows remote attackers to execute arbitrary code or crash the system. ...
Jun 10, 2025This vulnerability in Netgear DGND3700 routers allows remote attackers to access sensitive information through the /currentsetting.htm file via the mi...
May 20, 2025This vulnerability allows remote attackers to bypass authentication on Netgear DGND3700 routers via manipulation of the /BRS_top.html file. Attackers ...
May 20, 2025This CVE describes a command injection vulnerability in NETGEAR RAX5 routers that allows attackers to execute arbitrary commands on the device. Attack...
May 5, 2025This vulnerability allows remote attackers to execute arbitrary commands on NETGEAR RAX5 routers by injecting malicious commands through the iface par...
May 5, 2025This vulnerability allows remote attackers to execute arbitrary commands on NETGEAR RAX5 routers by injecting malicious commands through the iface par...
May 5, 2025This vulnerability allows remote attackers to execute arbitrary commands on NETGEAR RAX5 routers by injecting malicious input into the devname paramet...
May 5, 2025A critical buffer overflow vulnerability in Netgear EX6200 routers allows remote attackers to execute arbitrary code by manipulating the 'host' argume...
May 1, 2025A critical buffer overflow vulnerability in Netgear EX6200 routers allows remote attackers to execute arbitrary code by manipulating the 'host' argume...
May 1, 2025A critical buffer overflow vulnerability in Netgear EX6200 routers allows remote attackers to execute arbitrary code by manipulating the host argument...
May 1, 2025A critical buffer overflow vulnerability in Netgear EX6200 wireless extenders allows remote attackers to execute arbitrary code by manipulating the 'h...
Apr 30, 2025A critical buffer overflow vulnerability in Netgear EX6120 WiFi extender firmware allows remote attackers to execute arbitrary code or crash the devic...
Apr 30, 2025A critical buffer overflow vulnerability in Netgear EX6120's fwAcosCgiInbound function allows remote attackers to execute arbitrary code by manipulati...
Apr 30, 2025This CVE describes a critical command injection vulnerability in Netgear WG302v2 wireless access points. Attackers can remotely execute arbitrary comm...
Apr 30, 2025A critical buffer overflow vulnerability in Netgear JWNR2000v2 routers allows remote attackers to execute arbitrary code by manipulating the 'host' ar...
Apr 30, 2025A critical buffer overflow vulnerability in Netgear JWNR2000v2 routers allows remote attackers to execute arbitrary code by manipulating the host argu...
Apr 30, 2025A critical buffer overflow vulnerability in Netgear JWNR2000v2 routers allows remote attackers to execute arbitrary code by manipulating the host argu...
Apr 30, 2025A buffer overflow vulnerability in Netgear R61 router firmware allows remote attackers to execute arbitrary code by sending specially crafted QUERY_ST...
Apr 17, 2025This CVE describes a critical stack-based buffer overflow vulnerability in Netgear WNR854T routers that allows remote attackers to execute arbitrary c...
Mar 31, 2025This vulnerability allows remote attackers to execute arbitrary code on Netgear WNR854T routers via a stack-based buffer overflow in the UPnP service....
Mar 31, 2025This vulnerability allows remote attackers to execute arbitrary commands on Netgear WNR854T routers by sending a specially crafted request to post.cgi...
Mar 31, 2025CVE-2024-54806 allows remote attackers to execute arbitrary system commands on Netgear WNR854T routers through the cmd.cgi web interface. This affects...
Mar 31, 2025Netgear DC112A V1.0.0.64 contains an OS command injection vulnerability in the usb_adv.cgi endpoint that allows remote attackers to execute arbitrary ...
Mar 28, 2025This vulnerability exposes Netgear C7800 router administrative credentials to eavesdropping attacks. Attackers can intercept base64-encoded credential...
Feb 18, 2025This CVE describes an authentication bypass vulnerability in NETGEAR DGN1000 routers that allows remote unauthenticated attackers to execute arbitrary...
Jan 10, 2025A critical buffer overflow vulnerability in Netgear R6900P and R7000P routers allows remote attackers to execute arbitrary code by sending specially c...
Dec 27, 2024This vulnerability allows network-adjacent attackers to execute arbitrary code as root on NETGEAR RAX30 routers without authentication. The flaw exist...
Nov 22, 2024This CVE describes a command injection vulnerability in specific Netgear router models via the wlg_adv.cgi component's apmode_gateway parameter. Attac...
Nov 5, 2024This vulnerability allows attackers to cause a Denial of Service (DoS) on affected Netgear routers by sending a specially crafted POST request that tr...
Nov 5, 2024This vulnerability allows attackers to cause a Denial of Service (DoS) on affected Netgear routers by sending a specially crafted POST request that tr...
Nov 5, 2024This vulnerability in Netgear R7000P routers allows attackers to trigger a stack overflow via the pptp_user_netmask parameter in the genie_pptp.cgi sc...
Nov 5, 2024Why Monitor Netgear Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 274+ known vulnerabilities affecting Netgear products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Netgear packages in under 60 seconds. No agents required - completely agentless scanning that works across Netgear deployments.
Free vulnerability database: Access detailed information about every Netgear CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Netgear CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
