Vulnerabilities (CVE)

Filtered by vendor Netgear Subscribe
Total 1142 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-5972 1 Netgear 2 Wg111v2, Wg111v2 Driver 2024-11-21 10.0 HIGH N/A
Stack-based buffer overflow in WG111v2.SYS in NetGear WG111v2 wireless adapter (USB) allows remote attackers to execute arbitrary code via a long 802.11 beacon request.
CVE-2006-4765 1 Netgear 1 Dg834gt 2024-11-21 5.0 MEDIUM N/A
NETGEAR DG834GT Wireless ADSL router running firmware 1.01.28 allows attackers to cause a denial of service (device hang) via a long string in the username field in the login window.
CVE-2006-4143 1 Netgear 1 Fvg318 2024-11-21 7.8 HIGH N/A
Netgear FVG318 running firmware 1.0.40 allows remote attackers to cause a denial of service (router reset) via TCP packets with bad checksums.
CVE-2006-1068 1 Netgear 1 Netgear Router 2024-11-21 4.9 MEDIUM N/A
Netgear 614 and 624 routers, possibly running VXWorks, allow remote attackers to cause a denial of service by sending a malformed DCC SEND string to an IRC channel, which causes an IRC connection reset, possibly related to the masquerading code for NAT environments, and as demonstrated via (1) a DCC SEND with a single long argument, or (2) a DCC SEND with IP, port, and filesize arguments with a 0 value.
CVE-2006-1003 1 Netgear 1 Wgt624 2024-11-21 5.0 MEDIUM N/A
The backup configuration option in NETGEAR WGT624 Wireless Firewall Router stores sensitive information in cleartext, which allows remote attackers to obtain passwords and gain privileges.
CVE-2006-1002 1 Netgear 1 Wgt624 2024-11-21 10.0 HIGH N/A
NETGEAR WGT624 Wireless DSL router has a default account of super_username "Gearguy" and super_passwd "Geardog", which allows remote attackers to modify the configuration. NOTE: followup posts have suggested that this might not occur with all WGT624 routers.
CVE-2005-4220 1 Netgear 1 Rp114 2024-11-21 7.8 HIGH N/A
Netgear RP114, and possibly other versions and devices, allows remote attackers to cause a denial of service via a SYN flood attack between one system on the internal interface and another on the external interface, which temporarily stops routing between the interfaces, as demonstrated using nmap.
CVE-2005-0328 2 Netgear, Zyxel 3 Rt311, Rt314, Prestige 2024-11-20 5.0 MEDIUM N/A
Zyxel P310, P314, P324 and Netgear RT311, RT314 running the latest firmware, allows remote attackers on the WAN to obtain the IP address of the LAN side interface by pinging a valid LAN IP address, which generates an ARP reply from the WAN address side that maps the LAN IP address to the WAN's MAC address.
CVE-2005-0291 1 Netgear 1 Fvs318 2024-11-20 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the log viewer in NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via a blocked URL phrase.
CVE-2005-0290 1 Netgear 1 Fvs318 2024-11-20 7.5 HIGH N/A
NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to bypass the filters using hex encoded URLs, as demonstrated using a hex encoded file extension.
CVE-2004-2557 1 Netgear 1 Wg602 2024-11-20 5.0 MEDIUM N/A
NetGear WG602 (aka WG602v1) Wireless Access Point 1.7.14 has a hardcoded account of username "superman" and password "21241036", which allows remote attackers to modify the configuration.
CVE-2004-2556 1 Netgear 1 Wg602 2024-11-20 5.0 MEDIUM N/A
NetGear WG602 (aka WG602v1) Wireless Access Point firmware 1.04.0 and 1.5.67 has a hardcoded account of username "super" and password "5777364", which allows remote attackers to modify the configuration.
CVE-2004-2032 1 Netgear 1 Rp114 2024-11-20 7.5 HIGH N/A
Netgear RP114 allows remote attackers to bypass the keyword based URL filtering by requesting a long URL, as demonstrated using a large number of %20 (hex-encoded space) sequences.
CVE-2004-0611 1 Netgear 1 Fvs318 2024-11-20 5.0 MEDIUM N/A
Web-Based Administration in Netgear FVS318 VPN Router allows remote attackers to cause a denial of service (no new connections) via a large number of open HTTP connections.
CVE-2003-1427 1 Netgear 1 Fm114p 2024-11-20 6.4 MEDIUM N/A
Directory traversal vulnerability in the web configuration interface in Netgear FM114P 1.4 allows remote attackers to read arbitrary files, such as the netgear.cfg configuration file, via a hex-encoded (%2e%2e%2f) ../ (dot dot slash) in the port parameter.
CVE-2002-2355 1 Netgear 1 Fm114p 2024-11-20 7.1 HIGH N/A
Netgear FM114P firmware 1.3 wireless firewall, when configured to backup configuration information, stores DDNS (DynDNS) user name and password, MAC address filtering table and possibly other information in cleartext, which could allow local users to obtain sensitive information.
CVE-2002-2354 1 Netgear 1 Fm114p 2024-11-20 7.8 HIGH N/A
Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (crash or hang) via a large number of TCP connection requests.
CVE-2002-2116 1 Netgear 2 Rm356, Rt338 2024-11-20 5.0 MEDIUM N/A
Netgear RM-356 and RT-338 series SOHO routers allow remote attackers to cause a denial of service (crash) via a UDP port scan, as demonstrated using nmap.
CVE-2002-2020 1 Netgear 1 Rp114 2024-11-20 7.5 HIGH N/A
Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26 uses a default administrator password and accepts admin logins on the external interface, which allows remote attackers to gain privileges if the password is not changed.
CVE-2002-1892 1 Netgear 1 Fvs318 2024-11-20 2.1 LOW N/A
NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information.