cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-28338,https://securityvulnerability.io/vulnerability/CVE-2023-28338,Resource Exhaustion Vulnerability in Netgear Nighthawk Wifi6 Router,"A vulnerability in the Netgear Nighthawk Wifi6 Router (RAX30) allows attackers to exploit the device's web service by sending specially crafted requests. When the request includes a 'Content-Type' header with 'multipartboundary=', the device writes the request body to '/tmp/mulipartFile'. If an attacker sends a sufficiently large file, it can deplete the router's resources, rendering the device unresponsive until it is manually rebooted. This poses a significant risk to network reliability and accessibility for users.",Netgear,NETGEAR Nighthawk WiFi6 Router (RAX30),7.5,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2023-03-15T00:00:00.000Z,0
CVE-2023-28337,https://securityvulnerability.io/vulnerability/CVE-2023-28337,Vulnerability in Netgear Nighthawk RAX30 Router Allows Unauthorized Firmware Uploads,"A vulnerability exists in the Netgear Nighthawk Wifi6 Router (RAX30) that permits unauthorized firmware uploads. By exploiting a hidden 'forceFWUpdate' parameter during the firmware image upload process, attackers can bypass essential validation steps. This flaw allows the installation of modified, unofficial, and potentially harmful firmware on the router, posing significant security risks to network integrity and user data.",Netgear,NETGEAR Nighthawk WiFi6 Router (RAX30),8.8,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2023-03-15T00:00:00.000Z,0
CVE-2023-27851,https://securityvulnerability.io/vulnerability/CVE-2023-27851,Arbitrary Code Execution Vulnerability in NETGEAR Nighthawk WiFi6 Router,"The NETGEAR Nighthawk WiFi6 Router, prior to version V1.0.10.94, has a vulnerability in its file sharing mechanism. This flaw inadvertently grants users with upload permissions the ability to execute arbitrary code on the device, potentially leading to unauthorized control and compromise of the router's functionality.",Netgear,NETGEAR Nighthawk WiFi6 Router,8.8,HIGH,0.0012499999720603228,false,,false,false,false,,,false,false,,2023-03-10T00:00:00.000Z,0
CVE-2023-27853,https://securityvulnerability.io/vulnerability/CVE-2023-27853,Format String Vulnerability in NETGEAR Nighthawk WiFi6 Router,"The NETGEAR Nighthawk WiFi6 Router prior to version V1.0.10.94 is susceptible to a format string vulnerability present in its SOAP service. This flaw can be exploited by attackers, potentially enabling them to execute arbitrary code on the device, which compromises its security and functionality. Users are encouraged to update their devices promptly to mitigate this risk.",Netgear,NETGEAR Nighthawk WiFi6 Router,9.8,CRITICAL,0.001970000099390745,false,,false,false,false,,,false,false,,2023-03-10T00:00:00.000Z,0
CVE-2023-27850,https://securityvulnerability.io/vulnerability/CVE-2023-27850,File Sharing Vulnerability in NETGEAR Nighthawk WiFi6 Router,"The NETGEAR Nighthawk WiFi6 Router has a significant flaw in its file sharing mechanism. This vulnerability permits users with access to this feature to reach arbitrary files stored on the device, exposing sensitive information and potentially compromising device security. It is essential for users to upgrade to the latest firmware version to mitigate the risks associated with this vulnerability.",Netgear,NETGEAR Nighthawk WiFi6 Router,6.8,MEDIUM,0.0006200000061653554,false,,false,false,false,,,false,false,,2023-03-10T00:00:00.000Z,0
CVE-2023-1205,https://securityvulnerability.io/vulnerability/CVE-2023-1205,Cross-Site Request Forgery Vulnerability in NETGEAR Nighthawk WiFi6 Router,"The NETGEAR Nighthawk WiFi6 Router, prior to version V1.0.10.94, suffers from a vulnerability that allows attackers to exploit inadequately designed CSRF protections. This weakness permits unauthorized commands to be transmitted from a user that the web application trusts, potentially compromising the security of the device and the network it manages.",Netgear,NETGEAR Nighthawk WiFi6 Router,8.8,HIGH,0.0010300000431016088,false,,false,false,false,,,false,false,,2023-03-10T00:00:00.000Z,0
CVE-2023-27852,https://securityvulnerability.io/vulnerability/CVE-2023-27852,Buffer Overflow Vulnerability in NETGEAR Nighthawk WiFi6 Router,"The NETGEAR Nighthawk WiFi6 Router is affected by a buffer overflow vulnerability in its various CGI mechanisms. This flaw allows an attacker to manipulate the device, potentially leading to arbitrary code execution. This security issue emphasizes the importance of keeping firmware updated to safeguard against unauthorized access and exploitation.",Netgear,NETGEAR Nighthawk WiFi6 Router,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2023-03-10T00:00:00.000Z,0
CVE-2022-47209,https://securityvulnerability.io/vulnerability/CVE-2022-47209,Backdoor Vulnerability in Technical Support Account for Affected Device by Vendor,"A backdoor vulnerability has been identified in certain devices that involves a support user account, intending to assist Technical Support staff. This account has a default password set to 'support', which is hardcoded and cannot be modified through standard user interfaces. This situation allows unauthorized access to the device, potentially compromising the security of the system. Effective remediation strategies should be implemented to safeguard against unauthorized access.",Netgear,NETGEAR Nighthawk WiFi6 Router,8.8,HIGH,0.0009599999757483602,false,,false,false,false,,,false,false,,2022-12-16T00:00:00.000Z,0
CVE-2022-47208,https://securityvulnerability.io/vulnerability/CVE-2022-47208,Command Injection Vulnerability in PuHTTPSniff Service Affects Router Devices,"The PuHTTPSniff service, which operates by default on certain routers, is vulnerable to command injection attacks due to insufficiently validated user input. This flaw allows attackers on the same network segment to execute arbitrary commands on the affected device without requiring authentication. This vulnerability poses a significant risk as it can lead to unauthorized access and control over network resources.",Netgear,NETGEAR Nighthawk WiFi6 Router,8.8,HIGH,0.0005600000149570405,false,,false,false,false,,,false,false,,2022-12-16T00:00:00.000Z,0
CVE-2022-47210,https://securityvulnerability.io/vulnerability/CVE-2022-47210,Arbitrary Command Execution Vulnerability in Telnet Console for a Network Device,"The default telnet console on the affected network devices is limited to a specific set of commands. However, due to improper input handling, authenticated users can exploit this console to issue arbitrary commands directly to the system. This vulnerability presents a significant security risk, allowing attackers to potentially gain control over the device and its functions.",Netgear,Netgear Nighthawk Wifi6 Router,7.8,HIGH,0.0006300000241026282,false,,false,false,false,,,false,false,,2022-12-16T00:00:00.000Z,0