cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-34980,https://securityvulnerability.io/vulnerability/CVE-2021-34980,Arbitrary Code Execution Vulnerability in NETGEAR R6260 Router,"This vulnerability affects NETGEAR R6260 routers, allowing network-adjacent attackers to execute arbitrary code without authentication. The flaw exists in the setupwizard.cgi page, where the SOAP_LOGIN_TOKEN variable is improperly validated. This oversight leads to a buffer overflow, enabling attackers to run code with root privileges, thus compromising the device. Users are encouraged to review security advisories and update their router firmware to mitigate risks.",Netgear,R6260,8.8,HIGH,0.001970000099390745,false,,false,false,false,,,false,false,,2022-01-13T21:44:37.000Z,0
CVE-2021-34979,https://securityvulnerability.io/vulnerability/CVE-2021-34979,Arbitrary Code Execution Flaw in NETGEAR R6260 Router,"A significant vulnerability in the NETGEAR R6260 router permits network-adjacent attackers to execute arbitrary code. This flaw arises from improper validation in the handling of SOAP requests, particularly the SOAPAction header. By exploiting the lack of length validation for user-supplied data, an attacker can write to a fixed-length buffer, allowing execution of code with root privileges. No authentication is necessary to exploit this vulnerability, making it crucial for users to ensure their devices are up to date. For more information, users can consult the relevant security advisory from NETGEAR.",Netgear,R6260,8.8,HIGH,0.0016799999866634607,false,,false,false,false,,,false,false,,2022-01-13T21:44:35.000Z,0
CVE-2021-34978,https://securityvulnerability.io/vulnerability/CVE-2021-34978,Remote Code Execution Vulnerability in NETGEAR Router,"A security flaw exists within the setupwizard.cgi page of NETGEAR R6260 routers that allows network-adjacent attackers to perform arbitrary code execution. The vulnerability can be exploited without authentication, leveraging a crafted SOAP request to trigger a stack-based buffer overflow. Successful exploitation permits attackers to execute code with root privileges, posing a significant risk to affected systems.",Netgear,R6260,8.8,HIGH,0.0013800000306218863,false,,false,false,false,,,false,false,,2022-01-13T21:44:32.000Z,0
CVE-2021-45573,https://securityvulnerability.io/vulnerability/CVE-2021-45573,Stack-Based Buffer Overflow in NETGEAR Routers and Access Points,"A vulnerability exists in certain NETGEAR devices, where an unauthenticated attacker can exploit a stack-based buffer overflow. This flaw affects multiple models including the R6260, R6800, R6700v2, R6900v2, R7450, AC2100, AC2400, and AC2600, all prior to specific firmware versions. Exploiting this weakness could allow unauthorized access and potential manipulation of the affected devices.",Netgear,R6260 Firmware,8.3,HIGH,0.0007900000200606883,false,,false,false,false,,,false,false,,2021-12-26T00:46:04.000Z,0
CVE-2021-45637,https://securityvulnerability.io/vulnerability/CVE-2021-45637,Stack-Based Buffer Overflow Vulnerability in NETGEAR Routers,"Certain NETGEAR routers have a vulnerability that allows unauthenticated attackers to exploit a stack-based buffer overflow. This flaw can allow attackers to execute arbitrary code, potentially compromising device security. Devices affected include models R6260, R6800, R6700v2, R6900v2, R7450, AC2100, AC2400, and AC2600, all requiring specific firmware updates for mitigation.",Netgear,R6260 Firmware,8.3,HIGH,0.0032599999103695154,false,,false,false,false,,,false,false,,2021-12-26T00:31:42.000Z,0