Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.0

    HIGH
    CVE-2024-52021

    Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at bsw_fix.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.... Read more

    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 8.0

    HIGH
    CVE-2024-52020

    Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at wiz_fix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.... Read more

    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 8.0

    HIGH
    CVE-2024-52019

    Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at genie_fix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.... Read more

    Affected Products : r8500_firmware r8500
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 8.0

    HIGH
    CVE-2024-52018

    Netgear XR300 v1.0.3.78 was discovered to contain a command injection vulnerability in the system_name parameter at genie_dyn.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.... Read more

    Affected Products : xr300_firmware xr300
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-52017

    Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the passphrase parameter at bridge_wireless_main.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products : xr300_firmware xr300
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-52016

    Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to multiple stack overflow vulnerabilities in the component wlg_adv.cgi via the apmode_dns1_pri and apmode_dns1_sec parameters. These vulnerabilities allo... Read more

    • Published: Nov. 05, 2024
    • Modified: May. 21, 2025

  • 5.7

    MEDIUM
    CVE-2024-52015

    Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at bsw_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a c... Read more

    • Published: Nov. 05, 2024
    • Modified: May. 21, 2025

  • 5.7

    MEDIUM
    CVE-2024-52014

    Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at genie_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a... Read more

    • Published: Nov. 05, 2024
    • Modified: May. 21, 2025

  • 5.7

    MEDIUM
    CVE-2024-52013

    Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at wiz_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a c... Read more

    • Published: Nov. 05, 2024
    • Modified: May. 21, 2025

  • 8.0

    HIGH
    CVE-2024-51024

    D-Link DIR_823G 1.0.2B05 was discovered to contain a command injection vulnerability via the HostName parameter in the SetWanSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.... Read more

    Affected Products : dir-823g_firmware dir-823g
    • Published: Nov. 05, 2024
    • Modified: May. 07, 2025

  • 8.8

    HIGH
    CVE-2024-51023

    D-Link DIR_823G 1.0.2B05 was discovered to contain a command injection vulnerability via the Address parameter in the SetNetworkTomographySettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.... Read more

    Affected Products : dir-823g_firmware dir-823g
    • Published: Nov. 05, 2024
    • Modified: May. 07, 2025

  • 5.7

    MEDIUM
    CVE-2024-51022

    Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the ssid parameter in bridge_wireless_main.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products : xr300_firmware xr300
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 8.0

    HIGH
    CVE-2024-51021

    Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a command injection vulnerability via the wan_gateway parameter at genie_fix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a craf... Read more

    • Published: Nov. 05, 2024
    • Modified: May. 21, 2025

  • 5.7

    MEDIUM
    CVE-2024-51020

    Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the apn parameter at usbISP_detail_edit.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products : r7000p_firmware r7000p
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-51019

    Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pppoe_localnetmask parameter at pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products : r7000p_firmware r7000p
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-51018

    Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptp_user_netmask parameter at pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products : r7000p_firmware r7000p
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-51017

    Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the l2tp_user_netmask parameter at l2tp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products : r7000p_firmware r7000p
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-51016

    Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the addName%d parameter in usb_approve.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products : xr300_firmware xr300
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-51015

    Netgear R7000P v1.3.3.154 was discovered to contain a command injection vulnerability via the device_name2 parameter at operation_mode.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.... Read more

    Affected Products : r7000p_firmware r7000p
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-51014

    Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the ssid_an parameter in bridge_wireless_main.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products : xr300_firmware xr300
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025
Showing 20 of 293618 Results