R7000p_firmware - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
R7000p_firmware
(Netgear)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	151

Date	Id	Summary	Products	Score	Patch	Annotated
2024-11-05	CVE-2024-52025	Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at geniepppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.	R6400v2_firmware, R7000p_firmware, Xr300_firmware	N/A
2024-11-05	CVE-2024-52026	Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at bsw_pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.	R6400v2_firmware, R7000p_firmware, Xr300_firmware	N/A
2024-11-05	CVE-2024-51010	Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a command injection vulnerability in the component ap_mode.cgi via the apmode_gateway parameter. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.	R6400v2_firmware, R7000p_firmware, R8500_firmware, Xr300_firmware	N/A
2024-11-05	CVE-2024-50996	Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the bpa_server parameter at genie_bpa.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.	R6400v2_firmware, R7000p_firmware, R8500_firmware, Xr300_firmware	N/A
2024-11-05	CVE-2024-51003	Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to multiple stack overflow vulnerabilities in the component ap_mode.cgi via the apmode_dns1_pri and apmode_dns1_sec parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request.	R6400v2_firmware, R7000p_firmware, R8500_firmware, Xr300_firmware	N/A
2022-11-22	CVE-2022-44186	Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_pri.	R7000p_firmware	9.8
2022-11-22	CVE-2022-44187	Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via wan_dns1_pri.	R7000p_firmware	9.8
2022-11-22	CVE-2022-44188	Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter enable_band_steering.	R7000p_firmware	9.8
2022-11-22	CVE-2022-44190	Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter enable_band_steering.	R7000p_firmware	9.8
2022-11-22	CVE-2022-44191	Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameters KEY1 and KEY2.	R7000p_firmware	9.8