Latest netgear rax43 Vulnerabilities

CVE-2022-27642
(Pwn2Own) NETGEAR R6700v3 httpd Authentication Bypass Vulnerability
NETGEAR R6400v2<2.1.3.7
NETGEAR R6400v2
Netgear Lax20 Firmware<1.1.6.34
Netgear Lax20
Netgear Mr60 Firmware<1.1.6.124
Netgear Mr60
and 63 more
CVE-2022-27645
(Pwn2Own) NETGEAR R6700v3 readycloud_control.cgi Authentication Bypass Vulnerability
Netgear Lax20 Firmware<1.1.6.34
Netgear Lax20
Netgear R6400 Firmware<1.0.4.126
NETGEAR R6400=v2
Netgear R6700 Firmware<1.0.4.126
NETGEAR R6700=v3
and 41 more
CVE-2022-27647
(Pwn2Own) NETGEAR R6700v3 libreadycloud.so Command Injection Remote Code Execution Vulnerability
NETGEAR R6400v2<2.1.3.7
NETGEAR R6400v2
Netgear Lax20 Firmware<1.1.6.34
Netgear Lax20
Netgear Mr60 Firmware<1.1.6.124
Netgear Mr60
and 63 more
CVE-2021-20169
Netgear RAX43 version 1.0.3.96 does not utilize secure communications to the web interface. By default, all communication to/from the device is sent via HTTP, which causes potentially sensitive inform...
Netgear Rax43 Firmware=1.0.3.96
Netgear RAX43
CVE-2021-20168
Netgear RAX43 version 1.0.3.96 does not have sufficient protections to the UART interface. A malicious actor with physical access to the device is able to connect to the UART port via a serial connect...
Netgear Rax43 Firmware=1.0.3.96
Netgear RAX43
CVE-2021-20170
Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. It does not appear that normal users are intended to be able to manipulate configuration backups due to the fact that they are encryp...
Netgear Rax43 Firmware=1.0.3.96
Netgear RAX43
CVE-2021-20171
Netgear RAX43 version 1.0.3.96 stores sensitive information in plaintext. All usernames and passwords for the device's associated services are stored in plaintext on the device. For example, the admin...
Netgear Rax43 Firmware=1.0.3.96
Netgear RAX43
CVE-2021-20167
Netgear RAX43 version 1.0.3.96 contains a command injection vulnerability. The readycloud cgi application is vulnerable to command injection in the name parameter.
Netgear Rax43 Firmware=1.0.3.96
Netgear RAX43
CVE-2021-20166
Netgear RAX43 version 1.0.3.96 contains a buffer overrun vulnerability. The URL parsing functionality in the cgi-bin endpoint of the router containers a buffer overrun issue that can redirection contr...
Netgear Rax43 Firmware=1.0.3.96
Netgear RAX43
CVE-2021-45622
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX750...
Netgear Cbr40 Firmware<2.5.0.24
Netgear Cbr40
Netgear Cbr750 Firmware<4.6.3.6
Netgear Cbr750
Netgear Eax20 Firmware<1.0.0.58
Netgear Eax20
and 74 more
CVE-2021-45613
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, D7000v2 before 1.0.0.74, LAX20 before 1.1.6.28, MK6...
Netgear Cbr40 Firmware<2.5.0.24
Netgear Cbr40
Netgear Cbr750 Firmware<4.6.3.6
Netgear Cbr750
NETGEAR R6400v2<1.0.0.74
NETGEAR R6400v2
and 46 more
CVE-2021-45612
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX750...
Netgear Cbr40 Firmware<2.5.0.24
Netgear Cbr40
Netgear Cbr750 Firmware<4.6.3.6
Netgear Cbr750
Netgear Eax20 Firmware<1.0.0.58
Netgear Eax20
and 72 more
CVE-2021-45620
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, LAX20...
Netgear Cbr40 Firmware<2.5.0.24
Netgear Cbr40
Netgear Cbr750 Firmware<4.6.3.6
Netgear Cbr750
Netgear Eax20 Firmware<1.0.0.58
Netgear Eax20
and 78 more
CVE-2021-45616
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 3.2.18.2, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60...
Netgear Cbr750 Firmware<3.2.18.2
Netgear Cbr750
Netgear Lax20 Firmware<1.1.6.28
Netgear Lax20
Netgear Mk62 Firmware<1.0.6.116
Netgear Mk62
and 58 more
CVE-2021-45621
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 3.2.18.2, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX37...
Netgear Cbr40 Firmware<2.5.0.24
Netgear Cbr40
Netgear Cbr750 Firmware<3.2.18.2
Netgear Cbr750
Netgear Eax20 Firmware<1.0.0.58
Netgear Eax20
and 90 more
CVE-2021-45604
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects CBR750 before 3.2.18.2, D6220 before 1.0.0.68, D6400 before 1.0.0.102, D8500 before 1.0.3.6...
Netgear Cbr750 Firmware<3.2.18.2
Netgear Cbr750
Netgear D6220 Firmware<1.0.0.68
NETGEAR D6220
NETGEAR R6400v2<1.0.0.102
Netgear D6400
and 72 more
CVE-2021-45549
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects LAX20 before 1.1.6.28, MK62 before 1.1.6.122, MR60 before 1.1.6.122, MS60 before 1.1.6.122, R6400v2 bef...
Netgear Lax20 Firmware<1.1.6.28
Netgear Lax20
Netgear Mk62 Firmware<1.1.6.122
Netgear Mk62
Netgear Mr60 Firmware<1.1.6.122
Netgear Mr60
and 48 more
CVE-2021-34991
NETGEAR R6400v2 UPnP uuid Stack-based Buffer Overflow Remote Code Execution Vulnerability
Netgear Ex3700 Firmware<1.0.0.94
Netgear Ex3700
Netgear Ex3800 Firmware<1.0.0.94
Netgear Ex3800
Netgear Ex6120 Firmware<1.0.0.66
Netgear Ex6120
and 83 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203