Количество 3
Количество 3
CVE-2022-27645
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within readycloud_control.cgi. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15762.
GHSA-jv3h-vgc4-3286
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within readycloud_control.cgi. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15762.
BDU:2022-01719
Уязвимость файла readycloud_control.cgi встроенного программного обеспечения маршрутизаторов NETGEAR R6400v2, NETGEAR R6700v3, NETGEAR R7000, NETGEAR R8500, NETGEAR RAX15, NETGEAR RAX20, NETGEAR RAX35v2, NETGEAR RAX38v2, NETGEAR RAX40v2, NETGEAR RAX42, NETGEAR RAX43, NETGEAR RAX45, NETGEAR RAX48, NETGEAR RAX50, NETGEAR RAX50S, NETGEAR LAX20 позволяющая нарушителю обойти аутентификацию
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-27645 This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within readycloud_control.cgi. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15762. | CVSS3: 8.8 | 0% Низкий | почти 3 года назад |
| GHSA-jv3h-vgc4-3286 This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within readycloud_control.cgi. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15762. | CVSS3: 8.8 | 0% Низкий | почти 3 года назад |
 | BDU:2022-01719 Уязвимость файла readycloud_control.cgi встроенного программного обеспечения маршрутизаторов NETGEAR R6400v2, NETGEAR R6700v3, NETGEAR R7000, NETGEAR R8500, NETGEAR RAX15, NETGEAR RAX20, NETGEAR RAX35v2, NETGEAR RAX38v2, NETGEAR RAX40v2, NETGEAR RAX42, NETGEAR RAX43, NETGEAR RAX45, NETGEAR RAX48, NETGEAR RAX50, NETGEAR RAX50S, NETGEAR LAX20 позволяющая нарушителю обойти аутентификацию | CVSS3: 8.8 | 0% Низкий | около 4 лет назад |
Уязвимостей на страницу