Netgear Security Vulnerabilities (CVEs)
Track 274 security vulnerabilities affecting Netgear products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This vulnerability allows network-adjacent attackers to bypass authentication and access plaintext configuration secrets stored on NETGEAR RAX30 route...
May 3, 2024This vulnerability allows network-adjacent attackers to execute arbitrary code as root on NETGEAR RAX30 routers without authentication, due to a misco...
May 3, 2024This vulnerability allows network-adjacent attackers to access sensitive information from NETGEAR RAX30 routers without authentication. The flaw exist...
May 3, 2024This vulnerability allows network-adjacent attackers to execute SQL injection via unauthenticated SOAP requests on NETGEAR RAX30 routers, potentially ...
May 3, 2024This vulnerability allows remote attackers to execute arbitrary commands on Netgear R6850 routers by injecting malicious input into the c4-IPAddr para...
Apr 3, 2024This vulnerability allows unauthenticated attackers to access sensitive information from Netgear R6850 routers via the BRS_top.html component. It affe...
Apr 3, 2024This vulnerability allows unauthenticated attackers to access sensitive information from Netgear CBR40, CBK40, and CBK43 routers via the currentsettin...
Mar 12, 2024This CVE describes a stack-based buffer overflow vulnerability in Netgear RAX30 routers' JSON parsing functionality. An authenticated attacker can sen...
Mar 7, 2024This vulnerability allows authenticated attackers to execute arbitrary commands on NETGEAR WNR2000v4 routers via HTTP SOAP authentication. Attackers w...
Dec 15, 2023A stack-based buffer overflow vulnerability exists in the httpd service of Netgear Orbi RBR750 routers running firmware versions before V7.2.6.21. Thi...
Dec 8, 2023This vulnerability allows unauthenticated remote attackers to execute arbitrary code on NETGEAR ProSAFE Network Management System devices by exploitin...
Nov 29, 2023A buffer overflow vulnerability in NETGEAR R6400v2 routers allows remote unauthenticated attackers to execute arbitrary code by sending a specially cr...
Sep 1, 2023This vulnerability allows remote attackers to execute arbitrary code on affected Netgear devices via buffer overflows in authentication parameters. At...
Aug 7, 2023This vulnerability allows remote attackers to execute arbitrary code on Netgear XR300 routers via buffer overflows in the wla_ssid and wlg_ssid parame...
Aug 7, 2023This vulnerability allows remote attackers to execute arbitrary code on Netgear DG834Gv5 routers via buffer overflows in the wla_ssid and wla_temp_ssi...
Aug 7, 2023This vulnerability allows remote attackers to execute arbitrary code on affected Netgear devices via buffer overflows in authentication parameters. At...
Aug 7, 2023This vulnerability allows remote attackers to execute arbitrary code on affected Netgear devices via a buffer overflow in the password.cgi script. Att...
Aug 7, 2023This vulnerability allows remote attackers to execute arbitrary commands on Netgear R7100LG routers by injecting malicious code into the password para...
Aug 7, 2023This vulnerability allows authenticated attackers to execute arbitrary code on Netgear R6250 routers by exploiting a buffer overflow. Attackers who ga...
Jun 20, 2023This CVE describes a command injection vulnerability in Netgear R6250 routers that allows authenticated attackers to execute arbitrary commands with s...
Jun 6, 2023A buffer overflow vulnerability in Netgear R6900, R6700v3, and R6700 routers allows remote attackers to execute arbitrary code or cause denial of serv...
Apr 26, 2023This vulnerability allows network-adjacent attackers to bypass authentication on NETGEAR R6700v3 routers by exploiting incorrect string matching logic...
Mar 29, 2023CVE-2022-27644 is a certificate validation vulnerability in NETGEAR R6700v3 routers that allows network-adjacent attackers to intercept HTTPS download...
Mar 29, 2023This vulnerability allows network-adjacent attackers to bypass authentication and execute arbitrary code with root privileges on NETGEAR R6700v3 route...
Mar 29, 2023This CVE describes a command injection vulnerability in Netgear Orbi RBR750 routers running firmware version 4.6.8.5. An authenticated attacker can se...
Mar 21, 2023This vulnerability allows remote attackers to execute arbitrary commands on Netgear Orbi Satellite RBS750 devices by sending specially crafted JSON ob...
Mar 21, 2023This vulnerability allows attackers to upload malicious firmware to Netgear Nighthawk RAX30 routers by exploiting a hidden 'forceFWUpdate' parameter t...
Mar 15, 2023CVE-2023-1327 is an authentication bypass vulnerability in Netgear RAX30 routers that allows unauthenticated attackers to reset the admin password and...
Mar 14, 2023This vulnerability allows unauthenticated attackers to access a configuration page containing the switch's administrative password in plain text throu...
Feb 15, 2023A pre-authentication stack-based buffer overflow vulnerability in NETGEAR Nighthawk WiFi Mesh systems and routers allows remote attackers to execute a...
Feb 13, 2023This CVE describes a firmware modification vulnerability in multiple Netgear router models where firmware integrity checks use a fixed checksum. Attac...
Feb 2, 2023This CVE describes a SQL injection vulnerability in NETGEAR ProSafe SSL VPN firmware that allows attackers to execute arbitrary SQL commands via the U...
May 13, 2022CVE-2022-27945 is a command injection vulnerability in NETGEAR R8500 routers that allows authenticated remote attackers to execute arbitrary commands ...
Mar 26, 2022This vulnerability allows remote authenticated attackers to execute arbitrary commands on NETGEAR R8500 routers by injecting shell metacharacters into...
Mar 26, 2022A stack overflow vulnerability in the upnpd service of affected Netgear devices allows unauthenticated attackers to execute arbitrary code remotely. T...
Mar 18, 2022This vulnerability allows remote attackers to access the 'MNU_top.htm' page on Netgear WAC104 access points without authentication, exposing sensitive...
Mar 17, 2022This vulnerability allows network-adjacent attackers to bypass authentication on NETGEAR R7000 routers by exploiting a flaw in SOAP request processing...
Jan 13, 2022CVE-2021-34979 is a buffer overflow vulnerability in NETGEAR R6260 routers that allows network-adjacent attackers to execute arbitrary code as root wi...
Jan 13, 2022CVE-2021-45732 is a hardcoded credential vulnerability in Netgear Nighthawk R6700 routers that allows attackers to decrypt configuration backups, modi...
Dec 30, 2021This vulnerability allows remote attackers to execute arbitrary commands on Netgear RAX43 routers by injecting malicious commands into the name parame...
Dec 30, 2021CVE-2021-20170 is a hardcoded credential vulnerability in Netgear RAX43 routers that allows attackers to decrypt configuration backups using the passw...
Dec 30, 2021This CVE describes a local privilege escalation vulnerability in Netgear Genie Installer for macOS. An attacker with local access can overwrite specif...
Dec 30, 2021This vulnerability exposes Netgear Nighthawk R6700 router credentials to interception by using unencrypted HTTP instead of HTTPS for web interface com...
Dec 30, 2021NETGEAR RAX200 routers running firmware before version 1.0.5.132 contain insecure code that could allow remote attackers to execute arbitrary commands...
Dec 26, 2021This vulnerability in certain NETGEAR routers allows unauthorized disclosure of sensitive information. Attackers can potentially access confidential d...
Dec 26, 2021This vulnerability in certain NETGEAR routers allows unauthorized disclosure of sensitive information. Attackers can potentially access confidential d...
Dec 26, 2021This vulnerability in NETGEAR Orbi WiFi systems allows unauthorized disclosure of sensitive information from affected devices. It impacts NETGEAR RBK3...
Dec 26, 2021NETGEAR XR1000 routers running firmware versions before 1.0.0.58 contain a vulnerability that allows unauthorized disclosure of sensitive information....
Dec 26, 2021This CVE describes a server-side injection vulnerability in multiple NETGEAR router and WiFi system models, allowing attackers to execute arbitrary co...
Dec 26, 2021This CVE describes a server-side injection vulnerability affecting multiple NETGEAR routers, extenders, and WiFi systems. Attackers can inject malicio...
Dec 26, 2021Why Monitor Netgear Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 274+ known vulnerabilities affecting Netgear products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Netgear packages in under 60 seconds. No agents required - completely agentless scanning that works across Netgear deployments.
Free vulnerability database: Access detailed information about every Netgear CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Netgear CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
