Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

NETGEAR — Vulnerabilities & Security Advisories 177

Browse all 177 CVE security advisories affecting NETGEAR. AI-powered Chinese analysis, POCs, and references for each vulnerability.

NETGEAR manufactures networking hardware, primarily consumer and small business routers, switches, and wireless access points. The company’s extensive vulnerability record, comprising 177 Common Vulnerabilities and Exposures (CVEs), highlights systemic security weaknesses in its embedded firmware. Historically, the most prevalent flaw classes include remote code execution (RCE), which allows attackers to gain full control over devices, and cross-site scripting (XSS) within web management interfaces. Privilege escalation and buffer overflow vulnerabilities are also common, often stemming from insufficient input validation and hardcoded credentials. These defects have facilitated large-scale botnet recruitment and unauthorized network access. While NETGEAR has implemented security response protocols, the high volume of disclosed issues reflects ongoing challenges in securing resource-constrained IoT devices. The persistent presence of critical flaws underscores the difficulty of maintaining robust security standards across a vast portfolio of consumer networking equipment.

Top products by NETGEAR: ProSAFE Network Management System RAX30 SRX5308 R6700 Multiple Routers EX6200 R7800 R6700v3 JWNR2000v2 R6260 DGND3700 WNDR3700v2 R7000 Orbi Router RBR750 WN604 NETGEAR ProSAFE Network Management System EX6120 XR1000 R7450 N300 WNR2000v5 EX5000 WNCE3001 EX6150 D6400 SPH200D DGN2200B DGN1000 EX6100 DGN1000B WAX610
CVE IDTitleCVSSSeverityPublished
CVE-2025-4146 Netgear EX6200 sub_41940 buffer overflow — EX6200CWE-120 8.8 High2025-05-01
CVE-2025-4145 Netgear EX6200 sub_3D0BC buffer overflow — EX6200CWE-120 8.8 High2025-05-01
CVE-2025-4142 Netgear EX6200 sub_3C8EC buffer overflow — EX6200CWE-120 8.8 High2025-04-30
CVE-2025-4141 Netgear EX6200 sub_3C03C buffer overflow — EX6200CWE-120 8.8 High2025-04-30
CVE-2025-4140 Netgear EX6120 sub_30394 buffer overflow — EX6120CWE-120 8.8 High2025-04-30
CVE-2025-4139 Netgear EX6120 fwAcosCgiInbound buffer overflow — EX6120CWE-120 8.8 High2025-04-30
CVE-2025-4135 Netgear WG302v2 ui_get_input_value command injection — WG302v2CWE-77 6.3 Medium2025-04-30
CVE-2025-4122 Netgear JWNR2000v2 sub_435E04 command injection — JWNR2000v2CWE-77 6.3 Medium2025-04-30
CVE-2025-4121 Netgear JWNR2000v2 cmd_wireless command injection — JWNR2000v2CWE-77 6.3 Medium2025-04-30
CVE-2025-4120 Netgear JWNR2000v2 sub_4238E8 buffer overflow — JWNR2000v2CWE-120 8.8 High2025-04-30
CVE-2025-4117 Netgear JWNR2000v2 sub_41A914 buffer overflow — JWNR2000v2CWE-120 5.5 Medium2025-04-30
CVE-2025-4116 Netgear JWNR2000v2 get_cur_lang_ver buffer overflow — JWNR2000v2CWE-120 8.8 High2025-04-30
CVE-2025-4115 Netgear JWNR2000v2 default_version_is_new buffer overflow — JWNR2000v2CWE-120 8.8 High2025-04-30
CVE-2025-4114 Netgear JWNR2000v2 check_language_file buffer overflow — JWNR2000v2CWE-120 8.8 High2025-04-30
CVE-2025-25246 NETGEAR XR1000和NETGEAR XR500 安全漏洞 — XR1000CWE-94 8.1 High2025-02-05
CVE-2024-23690 EOL Netgear FVS336v3 Telnet Configuration Backup Command Injection — FVS336Gv3CWE-78 7.2 High2025-02-04
CVE-2024-12847 NETGEAR DGN setup.cgi OS Command Injection — DGN1000CWE-78 9.8 Critical2025-01-10
CVE-2024-12988 Netgear R6900P/R7000P HTTP Header sub_16C4C buffer overflow — R6900PCWE-120 7.3 High2024-12-27
CVE-2024-12147 Netgear R6900 HTTP Header upgrade_check.cgi buffer overflow — R6900CWE-120 6.5 Medium2024-12-04
CVE-2023-51635 NETGEAR RAX30 fing_dil Stack-based Buffer Overflow Remote Code Execution Vulnerability — RAX30CWE-121 8.8 -2024-11-22
CVE-2023-51634 NETGEAR RAX30 Improper Certificate Validation Remote Code Execution Vulnerability — RAX30CWE-295 8.8 -2024-11-22
CVE-2024-6814 NETGEAR ProSAFE Network Management System getFilterString SQL Injection Remote Code Execution Vulnerability — ProSAFE Network Management SystemCWE-89 8.8AIHighAI2024-08-21
CVE-2024-6813 NETGEAR ProSAFE Network Management System getSortString SQL Injection Remote Code Execution Vulnerability — ProSAFE Network Management SystemCWE-89 8.8AIHighAI2024-08-21
CVE-2024-7153 Netgear WN604 siteSurvey.php direct request — WN604CWE-425 5.3 Medium2024-07-27
CVE-2024-6646 Netgear WN604 Web Interface downloadFile.php information disclosure — WN604CWE-200 5.3 Medium2024-07-10
CVE-2024-5505 NETGEAR ProSAFE Network Management System UpLoadServlet Directory Traversal Remote Code Execution Vulnerability — ProSAFE Network Management SystemCWE-22 8.8AIHighAI2024-06-06
CVE-2024-5247 NETGEAR ProSAFE Network Management System UpLoadServlet Unrestricted File Upload Remote Code Execution Vulnerability — ProSAFE Network Management SystemCWE-434 8.8AIHighAI2024-05-23
CVE-2024-5246 NETGEAR ProSAFE Network Management System Tomcat Remote Code Execution Vulnerability — ProSAFE Network Management SystemCWE-1395 8.8AIHighAI2024-05-23
CVE-2024-5245 NETGEAR ProSAFE Network Management System Default Credentials Local Privilege Escalation Vulnerability — ProSAFE Network Management SystemCWE-1392 7.8AIHighAI2024-05-23
CVE-2022-43654 NETGEAR CAX30S SSO Command Injection Remote Code Execution Vulnerability — CAX30SCWE-78 8.8AIHighAI2024-05-07

This page lists every published CVE security advisory associated with NETGEAR. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.