cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-34983,https://securityvulnerability.io/vulnerability/CVE-2021-34983,Information Disclosure Risk in NETGEAR Multiple Routers,"A critical information disclosure vulnerability exists in multiple NETGEAR routers due to a flaw in the httpd service, which operates on TCP port 80. This weakness enables attackers within network proximity to access sensitive information without any authentication requirements. By exploiting this vulnerability, an attacker can reveal stored credentials and other sensitive configuration details, thereby facilitating further unauthorized access or compromise of the affected devices. NETGEAR has acknowledged this issue and is taking steps to address the risk across their product range.",Netgear,Multiple Routers,6.5,MEDIUM,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-05-07T22:54:51.052Z,0
CVE-2021-34982,https://securityvulnerability.io/vulnerability/CVE-2021-34982,Stack-based Buffer Overflow Remote Code Execution Vulnerability,"A vulnerability exists in the httpd service of multiple NETGEAR routers, which can lead to remote code execution. The issue arises when the service fails to properly validate the length of user-supplied data during the parsing of the strings file. This flaw creates a stack-based buffer overflow condition. Attackers with network adjacency can exploit this vulnerability without any authentication, allowing them to execute arbitrary code with root privileges. The impacted devices listen on TCP port 80 by default, providing a pathway for exploitation.",Netgear,Multiple Routers,8.8,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-05-07T22:54:50.139Z,0
CVE-2023-35721,https://securityvulnerability.io/vulnerability/CVE-2023-35721,NETGEAR Multiple Routers curl_post Improper Certificate Validation Remote Code Execution Vulnerability,"An improper certificate validation vulnerability affects several versions of NETGEAR routers, allowing potential exploitation by network-adjacent attackers. This vulnerability arises from inadequate validation of the certificate presented by the update server. In successful exploits, this misconfiguration could allow attackers to execute arbitrary code with root privileges, effectively compromising the integrity of any downloaded information. As this flaw does not require authentication, it represents a significant risk for users who have not applied necessary firmware updates and security measures. Organizations utilizing affected NETGEAR routers should prioritize patching and monitoring security advisories to mitigate potential threats.",Netgear,Multiple Routers,8.1,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-05-03T01:57:40.905Z,0
CVE-2021-34865,https://securityvulnerability.io/vulnerability/CVE-2021-34865,Authentication Bypass in NETGEAR Routers,"This vulnerability enables network-adjacent attackers to bypass authentication protocols on certain NETGEAR routers, thanks to a flaw in the mini_httpd service operating on TCP port 80. The weakness arises from improper string matching logic that allows unauthorized access to protected resources. By exploiting this vulnerability, attackers can escalate their privileges and execute arbitrary code with root-level access, potentially compromising the entire router and connected network.",Netgear,Multiple Routers,8.8,HIGH,0.004350000061094761,false,,false,false,false,,,false,false,,2022-01-25T15:30:34.000Z,0
CVE-2021-27239,https://securityvulnerability.io/vulnerability/CVE-2021-27239,,"This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upnpd service, which listens on UDP port 1900 by default. A crafted MX header field in an SSDP message can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11851.",Netgear,Multiple Routers,8.8,HIGH,0.001970000099390745,false,,false,false,false,,,false,false,,2021-03-29T21:05:29.000Z,0
CVE-2020-27866,https://securityvulnerability.io/vulnerability/CVE-2020-27866,,"This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the mini_httpd service, which listens on TCP port 80 by default. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-11355.",Netgear,Multiple Routers,8.8,HIGH,0.00795000046491623,false,,false,false,false,,,false,false,,2021-02-12T00:15:00.000Z,0
CVE-2020-27867,https://securityvulnerability.io/vulnerability/CVE-2020-27867,,"This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the mini_httpd service, which listens on TCP port 80 by default. When parsing the funjsq_access_token parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11653.",Netgear,Multiple Routers,6.8,MEDIUM,0.0006600000197067857,false,,false,false,false,,,false,false,,2021-02-12T00:15:00.000Z,0
CVE-2020-17409,https://securityvulnerability.io/vulnerability/CVE-2020-17409,,"This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R6120, R6080, R6260, R6220, R6020, JNR3210, and WNR2020 routers with firmware 1.0.66. Authentication is not required to exploit this vulnerability. The specific flaw exists within the mini_httpd service, which listens on TCP port 80 by default. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-10754.",Netgear,Multiple Routers,6.5,MEDIUM,0.002950000111013651,false,,false,false,false,,,false,false,,2020-10-13T17:10:43.000Z,0
CVE-2020-15636,https://securityvulnerability.io/vulnerability/CVE-2020-15636,,"This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R6400, R6700, R7000, R7850, R7900, R8000, RS400, and XR300 routers with firmware 1.0.4.84_10.0.58. Authentication is not required to exploit this vulnerability. The specific flaw exists within the check_ra service. A crafted raePolicyVersion in a RAE_Policy.json file can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-9852.",Netgear,Multiple Routers,8.1,HIGH,0.020479999482631683,false,,false,false,false,,,false,false,,2020-08-20T01:17:00.000Z,0