cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-28337,https://securityvulnerability.io/vulnerability/CVE-2023-28337,Vulnerability in Netgear Nighthawk RAX30 Router Allows Unauthorized Firmware Uploads,"A vulnerability exists in the Netgear Nighthawk Wifi6 Router (RAX30) that permits unauthorized firmware uploads. By exploiting a hidden 'forceFWUpdate' parameter during the firmware image upload process, attackers can bypass essential validation steps. This flaw allows the installation of modified, unofficial, and potentially harmful firmware on the router, posing significant security risks to network integrity and user data.",Netgear,NETGEAR Nighthawk WiFi6 Router (RAX30),8.8,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2023-03-15T00:00:00.000Z,0
CVE-2023-28338,https://securityvulnerability.io/vulnerability/CVE-2023-28338,Resource Exhaustion Vulnerability in Netgear Nighthawk Wifi6 Router,"A vulnerability in the Netgear Nighthawk Wifi6 Router (RAX30) allows attackers to exploit the device's web service by sending specially crafted requests. When the request includes a 'Content-Type' header with 'multipartboundary=', the device writes the request body to '/tmp/mulipartFile'. If an attacker sends a sufficiently large file, it can deplete the router's resources, rendering the device unresponsive until it is manually rebooted. This poses a significant risk to network reliability and accessibility for users.",Netgear,NETGEAR Nighthawk WiFi6 Router (RAX30),7.5,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2023-03-15T00:00:00.000Z,0
CVE-2022-4390,https://securityvulnerability.io/vulnerability/CVE-2022-4390,Network Misconfiguration in NETGEAR RAX30 AX2400 Series Routers,"Versions of the NETGEAR RAX30 AX2400 series routers prior to 1.0.9.90 exhibit a network misconfiguration where IPv6 is enabled by default on the WAN interface. While there are existing firewall restrictions for IPv4 traffic, these do not extend to IPv6 traffic, potentially exposing services such as SSH and Telnet to unauthorized access. This could allow remote attackers to interact with services that are typically restricted to local network clients, posing significant security risks.",Netgear,Netgear Nighthawk Rax30,10,CRITICAL,0.002420000033453107,false,,false,false,false,,,false,false,,2022-12-09T00:00:00.000Z,0