ReportizFlow
Filtered by vendor Netgear
Subscriptions
Total
1343 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-0416 | 1 Netgear | 2 Raxe450, Raxe500 | 2026-06-11 | N/A |
| An insufficient input validation vulnerability in certain NETGEAR router models as listed allows an authenticated administrator with local network access to submit crafted input that bypasses intended management interface restrictions, resulting in unauthorized modification of protected router software or functionality. | ||||
| CVE-2026-0414 | 1 Netgear | 1 Rbe97x | 2026-06-11 | N/A |
| Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality. | ||||
| CVE-2026-0411 | 1 Netgear | 4 Rbe97x, Rbr350, Rbr760 and 1 more | 2026-06-11 | N/A |
| An information disclosure vulnerability in the NETGEAR Orbi satellites (RBR/RBE/RBS Series) could allow a user connected to your network to gain administrator access to the Orbi router. The listed NETGEAR models are affected by this vulnerability. Orbi WiFi Systems without satellite devices are not impacted by this issue. | ||||
| CVE-2026-0420 | 1 Netgear | 5 Rax120v1, Rax120v2, Rax35 and 2 more | 2026-06-11 | N/A |
| An improper implementation of TLS certificate validation vulnerability found in NETGEAR's ReadyCloud client app which could allow an attacker to perform attacker-in-the-middle (MiTM) style attacks impacting the product's confidentiality. This vulnerability affects the listed NETGEAR models. | ||||
| CVE-2026-9213 | 1 Netgear | 4 Mr70, Ms70, Raxe500 and 1 more | 2026-06-11 | N/A |
| A vulnerability in the affected NETGEAR gaming routers allows attackers with the ability to intercept and tamper with traffic between the router and the Internet, to execute code on the device. | ||||
| CVE-2026-0413 | 1 Netgear | 14 Rbe37x, Rbe77x, Rbr750 and 11 more | 2026-06-11 | N/A |
| A buffer overflow vulnerability due to insufficient input validation in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality. | ||||
| CVE-2026-9212 | 1 Netgear | 25 Lbr1020, Lbr20, R6700ax and 22 more | 2026-06-11 | N/A |
| Insufficient authentication and input validation in the listed NETGEAR models allow users connected to the local network to execute commands impacting the product's confidentiality or change certain configurations. | ||||
| CVE-2026-9211 | 1 Netgear | 4 Cax30, Rax30, Rax5 and 1 more | 2026-06-10 | N/A |
| An unauthenticated user on the local network can gain control of the router and make unauthorized changes to its operation. | ||||
| CVE-2026-9210 | 1 Netgear | 31 Ex3700, Ex3800, Ex6120 and 28 more | 2026-06-10 | N/A |
| Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality. | ||||
| CVE-2026-3088 | 1 Netgear | 8 Rbr860, Rbre950, Rbre960 and 5 more | 2026-06-10 | N/A |
| Unauthenticated users on the local network can cause the router to become unavailable by sending specially crafted requests. | ||||
| CVE-2026-0419 | 1 Netgear | 1 Jr6150 | 2026-06-10 | N/A |
| Insufficient input validation in NETGEAR JR6150 (AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014) allows users connected to the local WiFi Networks to execute operating system commands. NETGEAR JR6150 has reached End-of-Support phase as of 2018 , and no further security updates are planned. NETGEAR strongly recommends replacing these devices with newer NETGEAR models to ensure continued security support and updates. This vulnerability has been identified through firmware emulation in a controlled research environment and has not been verified on production hardware. | ||||
| CVE-2026-0418 | 1 Netgear | 35 Cbr750, Ex6120, Ex6130 and 32 more | 2026-06-10 | N/A |
| Insufficient configuration management in the listed devices allows authenticated administrators connected to the local network to tamper with the system. | ||||
| CVE-2026-0417 | 1 Netgear | 27 Mr60, Mr70, Mr80 and 24 more | 2026-06-10 | N/A |
| Insufficient input validation vulnerability in the listed NETGEAR devices allows authenticated administrators connected to the local network to tamper with the router's integrity. | ||||
| CVE-2026-0412 | 1 Netgear | 1 Jr6150 | 2026-06-10 | N/A |
| Insufficient input validation vulnerability in NETGEAR JR6150 (AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014) allows administrators connected to the local network to make unauthorized modification of router software and functionality. NETGEAR JR6150 reached End-of-Support status in 2018 and is no longer receiving security updates. NETGEAR strongly recommends replacing these devices with newer NETGEAR models to ensure continued security support and updates. This vulnerability has been identified through firmware emulation in a controlled research environment and has not been verified on production hardware. | ||||
| CVE-2026-0410 | 1 Netgear | 19 R7000, Rax20, Rax35v2 and 16 more | 2026-06-10 | N/A |
| Authenticated administrators connected to the local network can gain elevated access to the router and make unauthorized changes to router software and functionality. | ||||
| CVE-2026-0415 | 1 Netgear | 13 Rbe97x, Rbr750, Rbr840 and 10 more | 2026-06-10 | N/A |
| Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality. | ||||
| CVE-2026-0409 | 1 Netgear | 1 Orbi 370 | 2026-06-10 | N/A |
| A NETGEAR security issue that could allow an attacker with ability to intercept and tamper with traffic between the router and the Internet to run commands on your device when the device administrator performs certain specific management actions. This issue affects NETGEAR Orbi 370 series devices before V12.1.2.7. | ||||
| CVE-2006-6059 | 1 Netgear | 1 Ma521 Driver | 2026-04-23 | N/A |
| Buffer overflow in MA521nd5.SYS driver 5.148.724.2003 for NetGear MA521 PCMCIA adapter allows remote attackers to execute arbitrary code via (1) beacon or (2) probe 802.11 frame responses with an long supported rates information element. NOTE: this issue was reported as a "memory corruption" error, but the associated exploit code suggests that it is a buffer overflow. | ||||
| CVE-2008-1197 | 2 Marvell, Netgear | 2 88w8361w-bem1, Wn802t | 2026-04-23 | N/A |
| The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse the SSID information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a "Null SSID." | ||||
| CVE-2009-2256 | 1 Netgear | 1 Dg632 | 2026-04-23 | N/A |
| The administrative web interface on the Netgear DG632 with firmware 3.4.0_ap allows remote attackers to cause a denial of service (web outage) via an HTTP POST request to cgi-bin/firmwarecfg. | ||||