VARIoT IoT vulnerabilities database

VAR-202411-2363 | CVE-2024-52025 | Classic buffer overflow vulnerability in multiple Netgear products |
CVSS V2: - CVSS V3: 5.7 Severity: MEDIUM |
Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pppoe_localip parameter at geniepppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. Netgear XR300, R7000P, and R6400v2 firmware contain a classic buffer overflow vulnerability. Service operation may be interrupted (DoS).
VAR-202411-2742 | CVE-2024-52024 | Classic buffer overflow vulnerability in multiple Netgear products |
CVSS V2: - CVSS V3: 5.7 Severity: MEDIUM |
Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pppoe_localip parameter at wizpppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. Netgear XR300, R7000P, and R6400v2 firmware contain a classic buffer overflow vulnerability. Service operation may be interrupted (DoS).
VAR-202411-2010 | CVE-2024-52023 | Classic buffer overflow vulnerability in multiple Netgear products |
CVSS V2: - CVSS V3: 5.7 Severity: MEDIUM |
Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pppoe_localip parameter at pppoe2.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. Netgear XR300, R7000P, and R6400v2 firmware contain a classic buffer overflow vulnerability. Service operation may be interrupted (DoS).
VAR-202411-2191 | CVE-2024-52022 | Command injection vulnerability in multiple Netgear products |
CVSS V2: - CVSS V3: 8.0 Severity: HIGH |
Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a command injection vulnerability in the component wlg_adv.cgi via the apmode_gateway parameter. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. A command injection vulnerability exists in the firmware of multiple NETGEAR products, including R8500, XR300, and R7000P firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
VAR-202411-0689 | CVE-2024-52021 | OS command injection vulnerability in Netgear R8500 firmware |
CVSS V2: 7.7 CVSS V3: 8.0 Severity: HIGH |
Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at bsw_fix.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. Service operation may be interrupted (DoS). NETGEAR R8500 is a wireless router from NETGEAR. The vulnerability is caused by the wan_gateway parameter in the bsw_fix.cgi component failing to properly filter special characters and commands in the constructed command.
VAR-202411-1273 | CVE-2024-52020 | OS command injection vulnerability in Netgear R8500 firmware |
CVSS V2: 7.7 CVSS V3: 8.0 Severity: HIGH |
Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at wiz_fix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. Service operation may be interrupted (DoS). NETGEAR R8500 is a wireless router from NETGEAR. The vulnerability is caused by the wan_gateway parameter in the wiz_fix2.cgi component failing to properly filter special characters and commands in the constructed command.
VAR-202411-0574 | CVE-2024-52019 | OS command injection vulnerability in Netgear R8500 firmware |
CVSS V2: 7.7 CVSS V3: 8.0 Severity: HIGH |
Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at genie_fix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. Service operation may be interrupted (DoS). NETGEAR R8500 is a wireless router from NETGEAR. The vulnerability is caused by the wan_gateway parameter in the genie_fix2.cgi component failing to properly filter special characters and commands in the constructed command.
VAR-202411-1758 | CVE-2024-52018 | OS command injection vulnerability in Netgear XR300 firmware |
CVSS V2: 7.7 CVSS V3: 8.0 Severity: HIGH |
Netgear XR300 v1.0.3.78 was discovered to contain a command injection vulnerability in the system_name parameter at genie_dyn.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. Service operation may be interrupted (DoS). NETGEAR XR300 is a wireless router from NETGEAR. The vulnerability is caused by the system_name parameter in the genie_dyn.cgi component failing to properly filter special characters and commands in the constructed command.
VAR-202411-1773 | CVE-2024-52017 | Classic buffer overflow vulnerability in Netgear XR300 firmware |
CVSS V2: 5.5 CVSS V3: 5.7 Severity: MEDIUM |
Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the passphrase parameter at bridge_wireless_main.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. Netgear XR300 firmware contains a classic buffer overflow vulnerability. Service operation may be interrupted (DoS). NETGEAR XR300 is a wireless router from NETGEAR. The vulnerability is caused by the passphrase parameter in the bridge_wireless_main.cgi component failing to properly verify the length of the input data.
VAR-202411-2364 | CVE-2024-52016 | Classic buffer overflow vulnerability in multiple Netgear products |
CVSS V2: - CVSS V3: 5.7 Severity: MEDIUM |
Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain multiple stack overflow vulnerabilities in the component wlg_adv.cgi via the apmode_dns1_pri and apmode_dns1_sec parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request. A classic buffer overflow vulnerability exists in the firmware of multiple Netgear products, including R8500, XR300, and R7000P firmware. Service operation may be interrupted (DoS).
VAR-202411-2743 | CVE-2024-52015 | Classic buffer overflow vulnerability in multiple Netgear products |
CVSS V2: - CVSS V3: 5.7 Severity: MEDIUM |
Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at bsw_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. A classic buffer overflow vulnerability exists in the firmware of multiple Netgear products, including R8500, XR300, and R7000P firmware. Service operation may be interrupted (DoS).
VAR-202411-2011 | CVE-2024-52014 | Classic buffer overflow vulnerability in multiple Netgear products |
CVSS V2: - CVSS V3: 5.7 Severity: MEDIUM |
Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at genie_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. A classic buffer overflow vulnerability exists in the firmware of multiple Netgear products, including R8500, XR300, and R7000P firmware. Service operation may be interrupted (DoS).
VAR-202411-2192 | CVE-2024-52013 | Classic buffer overflow vulnerability in multiple Netgear products |
CVSS V2: - CVSS V3: 5.7 Severity: MEDIUM |
Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at wiz_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. A classic buffer overflow vulnerability exists in the firmware of multiple Netgear products, including R8500, XR300, and R7000P firmware. Service operation may be interrupted (DoS).
VAR-202411-0467 | CVE-2024-51024 | OS command injection vulnerability in D-Link Systems, Inc. DIR-823G firmware |
CVSS V2: 7.7 CVSS V3: 8.0 Severity: HIGH |
D-Link DIR_823G 1.0.2B05 was discovered to contain a command injection vulnerability via the HostName parameter in the SetWanSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. D-Link Systems, Inc. DIR-823G firmware contains an OS command injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). D-Link DIR-823G is a wireless router from D-Link, a Chinese company.
VAR-202411-2593 | CVE-2024-51023 | OS command injection vulnerability in D-Link Systems, Inc. DIR-823G firmware |
CVSS V2: 8.3 CVSS V3: 8.8 Severity: HIGH |
D-Link DIR_823G 1.0.2B05 was discovered to contain a command injection vulnerability via the Address parameter in the SetNetworkTomographySettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. D-Link Systems, Inc. DIR-823G firmware contains an OS command injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). D-Link DIR-823G is a wireless router from D-Link, a Chinese company.
VAR-202411-0986 | CVE-2024-51022 | Classic buffer overflow vulnerability in Netgear XR300 firmware |
CVSS V2: 5.5 CVSS V3: 5.7 Severity: MEDIUM |
Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the ssid parameter in bridge_wireless_main.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. Netgear XR300 firmware contains a classic buffer overflow vulnerability. Service operation may be interrupted (DoS). NETGEAR XR300 is a wireless router from NETGEAR. The vulnerability is caused by the ssid parameter in the bridge_wireless_main.cgi component failing to properly verify the length of the input data.
VAR-202411-2226 | CVE-2024-51021 | OS command injection vulnerability in multiple NETGEAR products |
CVSS V2: - CVSS V3: 8.0 Severity: HIGH |
Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a command injection vulnerability via the wan_gateway parameter at genie_fix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. Netgear XR300, R7000P, and R6400v2 firmware contain an OS command injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
VAR-202411-0353 | CVE-2024-51020 | Classic buffer overflow vulnerability in Netgear R7000P firmware |
CVSS V2: 5.5 CVSS V3: 5.7 Severity: MEDIUM |
Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the apn parameter at usbISP_detail_edit.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. Netgear R7000P firmware contains a classic buffer overflow vulnerability. Service operation may be interrupted (DoS). NETGEAR R7000P is a wireless router from NETGEAR. The vulnerability is caused by the apn parameter in the usbISP_detail_edit.cgi component failing to properly verify the length of the input data.
VAR-202411-0627 | CVE-2024-51019 | Classic buffer overflow vulnerability in Netgear R7000P firmware |
CVSS V2: 5.5 CVSS V3: 5.7 Severity: MEDIUM |
Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pppoe_localnetmask parameter at pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. Netgear R7000P firmware contains a classic buffer overflow vulnerability. Service operation may be interrupted (DoS). NETGEAR R7000P is a wireless router from NETGEAR. The vulnerability is caused by the pppoe_localnetmask parameter in the pppoe.cgi component failing to properly verify the length of the input data.
VAR-202411-0331 | CVE-2024-51018 | Classic buffer overflow vulnerability in Netgear R7000P firmware |
CVSS V2: 5.5 CVSS V3: 5.7 Severity: MEDIUM |
Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptp_user_netmask parameter at pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. Netgear R7000P firmware contains a classic buffer overflow vulnerability. Service operation may be interrupted (DoS). NETGEAR R7000P is a wireless router from NETGEAR. The vulnerability is caused by the pptp_user_netmask parameter in the pptp.cgi component failing to properly verify the length of the input data.