Details of VAR-202303-0770

ID

VAR-202303-0770

CVE

CVE-2023-27851

TITLE

of netgear RAX30 Firmware vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2023-005284

DESCRIPTION

NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sharing mechanism that unintentionally allows users with upload permissions to execute arbitrary code on the device. of netgear RAX30 There are unspecified vulnerabilities in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR Nighthawk WiFi6 Router is a series of wireless routers from NETGEAR. NETGEAR Nighthawk WiFi6 Router has a code execution vulnerability. The vulnerability is due to the file sharing mechanism contained in the device. Attackers can exploit this vulnerability to execute arbitrary code

Trust: 2.25

sources: NVD: CVE-2023-27851 // JVNDB: JVNDB-2023-005284 // CNVD: CNVD-2025-13353 // VULMON: CVE-2023-27851

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-13353

AFFECTED PRODUCTS

vendor:	netgear	model:	rax30	scope:	lt	version:	1.0.10.94	Trust: 1.0
vendor:	ネットギア	model:	rax30	scope:	eq	version:	-	Trust: 0.8
vendor:	ネットギア	model:	rax30	scope:	eq	version:	rax30 firmware 1.0.10.94	Trust: 0.8
vendor:	ネットギア	model:	rax30	scope:	-	version:	-	Trust: 0.8
vendor:	netgear	model:	nighthawk wifi6 router	scope:	lt	version:	v1.0.10.94	Trust: 0.6

sources: CNVD: CNVD-2025-13353 // JVNDB: JVNDB-2023-005284 // NVD: CVE-2023-27851

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2023-27851
value:	HIGH
Trust: 1.0
134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2023-27851
value:	HIGH
Trust: 1.0
NVD:	CVE-2023-27851
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2025-13353
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-202303-820
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2025-13353
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2023-27851
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 2.0
NVD:	CVE-2023-27851
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2025-13353 // JVNDB: JVNDB-2023-005284 // CNNVD: CNNVD-202303-820 // NVD: CVE-2023-27851 // NVD: CVE-2023-27851

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	Lack of information (CWE-noinfo) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2023-005284 // NVD: CVE-2023-27851

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202303-820

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202303-820

PATCH

title:	Patch for NETGEAR Nighthawk WiFi6 Router Code Execution Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/700461	Trust: 0.6
title:	NETGEAR Nighthawk Security vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=229462	Trust: 0.6

sources: CNVD: CNVD-2025-13353 // CNNVD: CNNVD-202303-820

EXTERNAL IDS

db:	NVD	id:	CVE-2023-27851	Trust: 3.9
db:	JVNDB	id:	JVNDB-2023-005284	Trust: 0.8
db:	CNVD	id:	CNVD-2025-13353	Trust: 0.6
db:	CNNVD	id:	CNNVD-202303-820	Trust: 0.6
db:	VULMON	id:	CVE-2023-27851	Trust: 0.1

sources: CNVD: CNVD-2025-13353 // VULMON: CVE-2023-27851 // JVNDB: JVNDB-2023-005284 // CNNVD: CNNVD-202303-820 // NVD: CVE-2023-27851

REFERENCES

url:	https://tenable.com/security/research/tra-2023-9	Trust: 2.5
url:	https://cxsecurity.com/cveshow/cve-2023-27851/	Trust: 1.2
url:	https://nvd.nist.gov/vuln/detail/cve-2023-27851	Trust: 0.8
url:	https://nvd.nist.gov	Trust: 0.1

sources: CNVD: CNVD-2025-13353 // VULMON: CVE-2023-27851 // JVNDB: JVNDB-2023-005284 // CNNVD: CNNVD-202303-820 // NVD: CVE-2023-27851

SOURCES

db:	CNVD	id:	CNVD-2025-13353
db:	VULMON	id:	CVE-2023-27851
db:	JVNDB	id:	JVNDB-2023-005284
db:	CNNVD	id:	CNNVD-202303-820
db:	NVD	id:	CVE-2023-27851

LAST UPDATE DATE

2025-06-25T23:16:34.311000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2025-13353	date:	2025-06-24T00:00:00
db:	VULMON	id:	CVE-2023-27851	date:	2023-03-10T00:00:00
db:	JVNDB	id:	JVNDB-2023-005284	date:	2023-11-07T06:25:00
db:	CNNVD	id:	CNNVD-202303-820	date:	2023-03-17T00:00:00
db:	NVD	id:	CVE-2023-27851	date:	2025-02-27T22:15:36.340

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2025-13353	date:	2025-06-23T00:00:00
db:	VULMON	id:	CVE-2023-27851	date:	2023-03-10T00:00:00
db:	JVNDB	id:	JVNDB-2023-005284	date:	2023-11-07T00:00:00
db:	CNNVD	id:	CNNVD-202303-820	date:	2023-03-10T00:00:00
db:	NVD	id:	CVE-2023-27851	date:	2023-03-10T18:15:17.080