Netgear Products Multiple Vulnerabilities
Release Date:
11 Nov 2024
2371
Views
RISK: Medium Risk
TYPE: Operating Systems - Networks OS
Multiple vulnerabilities were identified in Netgear Products. A remote attacker could exploit some of these vulnerabilities to trigger cross-site scripting, data manipulation, sensitive information disclosure, remote code execution, elevation of privilege, denial of service condition and security restriction bypass on the targeted system.
Impact
- Cross-Site Scripting
- Security Restriction Bypass
- Denial of Service
- Elevation of Privilege
- Information Disclosure
- Remote Code Execution
- Data Manipulation
System / Technologies affected
- NETGEAR WAX630E version prior to 10.8.8.7
- NETGEAR XR1000 version prior to 1.0.0.74
- NETGEAR XR1000v2 version prior to 1.1.1.22
- NETGEAR Insight version prior to 7.4
- NETGEAR RBK852 version prior to 7.2.6.21
- NETGEAR RBR850 version prior to 7.2.6.21
- NETGEAR RBS850 version prior to 7.2.6.21
Solutions
Before installation of the software, please visit the vendor's web-site for more details.
Apply fixes issued by the vendor:
- https://kb.netgear.com/000066407/Security-Advisory-for-Security-Misconfiguration-on-Some-Access-Points-PSV-2023-0141?article=000066407
- https://kb.netgear.com/000066408/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-PSV-2023-0117?article=000066408
- https://kb.netgear.com/000066409/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-PSV-2023-0109?article=000066409
- https://kb.netgear.com/000066410/Security-Advisory-for-Denial-of-Service-on-Some-Routers-PSV-2023-0047?article=000066410
- https://kb.netgear.com/000066412/Security-Advisory-for-Sensitive-Information-Disclosure-on-Insight-PSV-2024-0053?article=000066412
- https://kb.netgear.com/000066413/Security-Advisory-for-Reflected-Cross-Site-Scripting-on-Insight-PSV-2024-0035?article=000066413
- https://kb.netgear.com/000066414/Security-Advisory-for-Security-Misconfiguration-on-Some-WiFi-Systems-PSV-2021-0183?article=000066414
Vulnerability Identifier
- No CVE information is available
Source
Related Link
- https://kb.netgear.com/000066407/Security-Advisory-for-Security-Misconfiguration-on-Some-Access-Points-PSV-2023-0141?article=000066407
- https://kb.netgear.com/000066408/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-PSV-2023-0117?article=000066408
- https://kb.netgear.com/000066409/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-PSV-2023-0109?article=000066409
- https://kb.netgear.com/000066410/Security-Advisory-for-Denial-of-Service-on-Some-Routers-PSV-2023-0047?article=000066410
- https://kb.netgear.com/000066412/Security-Advisory-for-Sensitive-Information-Disclosure-on-Insight-PSV-2024-0053?article=000066412
- https://kb.netgear.com/000066413/Security-Advisory-for-Reflected-Cross-Site-Scripting-on-Insight-PSV-2024-0035?article=000066413
- https://kb.netgear.com/000066414/Security-Advisory-for-Security-Misconfiguration-on-Some-WiFi-Systems-PSV-2021-0183?article=000066414
Related Tags
Share with