Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.7

    MEDIUM
    CVE-2024-52017

    Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the passphrase parameter at bridge_wireless_main.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products : xr300_firmware xr300
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-51022

    Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the ssid parameter in bridge_wireless_main.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products : xr300_firmware xr300
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-51016

    Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the addName%d parameter in usb_approve.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products : xr300_firmware xr300
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-51014

    Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the ssid_an parameter in bridge_wireless_main.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products : xr300_firmware xr300
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 8.0

    HIGH
    CVE-2024-51008

    Netgear XR300 v1.0.3.78 was discovered to contain a command injection vulnerability in the system_name parameter at wiz_dyn.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.... Read more

    Affected Products : xr300_firmware xr300
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-51007

    Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the passphrase parameter at wireless.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products : xr300_firmware xr300
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 9.8

    CRITICAL
    CVE-2025-28219

    Netgear DC112A V1.0.0.64 has an OS command injection vulnerability in the usb_adv.cgi, which allows remote attackers to execute arbitrary commands via parameter "deviceName" passed to the binary through a POST request.... Read more

    Affected Products : dc112a_firmware dc112a
    • Published: Mar. 28, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Injection

  • 8.0

    HIGH
    CVE-2024-52021

    Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at bsw_fix.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.... Read more

    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 8.0

    HIGH
    CVE-2024-52020

    Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at wiz_fix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.... Read more

    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 8.0

    HIGH
    CVE-2024-52019

    Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at genie_fix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.... Read more

    Affected Products : r8500_firmware r8500
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-51012

    Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the ipv6_pri_dns parameter at ipv6_fix.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products : r8500_firmware r8500
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 8.0

    HIGH
    CVE-2024-51009

    Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at ether.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.... Read more

    Affected Products : r8500_firmware r8500
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 8.0

    HIGH
    CVE-2024-51005

    Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the share_name parameter at usb_remote_smb_conf.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.... Read more

    Affected Products : r8500_firmware r8500
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-51013

    Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the RADIUSAddr%d_wla parameter at wireless.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products : r7000p_firmware r7000p
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-51015

    Netgear R7000P v1.3.3.154 was discovered to contain a command injection vulnerability via the device_name2 parameter at operation_mode.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.... Read more

    Affected Products : r7000p_firmware r7000p
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-51017

    Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the l2tp_user_netmask parameter at l2tp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products : r7000p_firmware r7000p
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-51018

    Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptp_user_netmask parameter at pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products : r7000p_firmware r7000p
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-51019

    Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pppoe_localnetmask parameter at pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products : r7000p_firmware r7000p
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-51020

    Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the apn parameter at usbISP_detail_edit.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products : r7000p_firmware r7000p
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-52028

    Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptp_user_netmask parameter at wiz_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products : r7000p_firmware r7000p
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025
Showing 20 of 291541 Results