Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netgear netgear router vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-37337
A command execution vulnerability exists in the access control functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
Netgear Rbs750 Firmware 4.6.8.5
1 Article
8.8
CVSSv3
CVE-2022-38452
A command execution vulnerability exists in the hidden telnet service functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger this vulnerability.
Netgear Rbs750 Firmware 4.6.8.5
1 Article
8.8
CVSSv3
CVE-2019-13395
The Voo branded NETGEAR CG3700b custom firmware V2.02.03 allows CSRF against all /goform/ URIs. An attacker can modify all settings including WEP/WPA/WPA2 keys, restore the router to factory settings, or even upload an entire malicious configuration file.
Netgear Cg3700b Firmware 2.02.03
9.8
CVSSv3
CVE-2013-3072
An Authentication Bypass vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34 in http://<router_ip>/apply.cgi?/hdd_usr_setup.htm that when visited by any user, authenticated or not, causes the router to no longer require a password to access the web administra...
Netgear Wndr4700 Firmware 1.0.0.34
7.5
CVSSv3
CVE-2019-5055
An exploitable denial-of-service vulnerability exists in the Host Access Point Daemon (hostapd) on the NETGEAR N300 (WNR2000v5 with Firmware Version V1.0.0.70) wireless router. A SOAP request sent in an invalid sequence to the <WFAWLANConfig:1#PutMessage> service can cause ...
Netgear Wnr2000 Firmware 1.0.0.70
9.4
CVSSv3
CVE-2019-17137
This vulnerability allows network-adjacent malicious users to bypass authentication on affected installations of NETGEAR AC1200 R6220 Firmware version 1.1.0.86 Smart WiFi Router. Authentication is not required to exploit this vulnerability. The specific flaw exists within the pro...
Netgear Ac1200 R6220 Firmware 1.1.0.86
1 Github repository
8.8
CVSSv3
CVE-2020-10923
This vulnerability allows network-adjacent malicious users to bypass authentication on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UPnP service, which listens ...
Netgear R6700 Firmware 1.0.4.84 10.0.58
1 Metasploit module
8.8
CVSSv3
CVE-2020-10924
This vulnerability allows network-adjacent malicious users to bypass authentication on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The ...
Netgear R6700 Firmware 1.0.4.84 10.0.58
1 Metasploit module
NA
CVE-2016-582384
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6277. Reason: This candidate was withdrawn by its CNA. Notes: All CVE users should reference CVE-2016-6277 instead of this candidate. All references and descriptions in this candidate have been removed to pre...
1 Article
NA
CVE-2024-36788
Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 does not properly set the HTTPOnly flag for cookies. This allows malicious users to possibly intercept and access sensitive communications between the router and connected devices.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5