🚨 CVE-2021-32468
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol.
🎖@cveNotify
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol.
🎖@cveNotify
NETGEAR KB
Security Advisory for WiFi WPS and IEEE-1905 Vulnerabilities on Multiple Products, PSV-2021-0298 & PSV-2021-0300
First published: 2021-11-11 Associated CVE IDs WPS connection Vulnerabilities CVE-2021-35055, CVE-2021-37560, CVE-2021-37561, CVE-2021-37584, CVE-2021-37563, CVE-2021-32467, CVE-2021-32468, CVE-2021-32469, CVE-2021-37562 IEEE 1905 Vulnerabilities CVE-2021…
🚨 CVE-2021-32467
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol.
🎖@cveNotify
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol.
🎖@cveNotify
NETGEAR KB
Security Advisory for WiFi WPS and IEEE-1905 Vulnerabilities on Multiple Products, PSV-2021-0298 & PSV-2021-0300
First published: 2021-11-11 Associated CVE IDs WPS connection Vulnerabilities CVE-2021-35055, CVE-2021-37560, CVE-2021-37561, CVE-2021-37584, CVE-2021-37563, CVE-2021-32467, CVE-2021-32468, CVE-2021-32469, CVE-2021-37562 IEEE 1905 Vulnerabilities CVE-2021…
⚠️ℹ️⚠️ Hi everybody! To continue providing posts and keeping this channel alive, we accept advertising on the channel.
For advertising plans contact @SirMalware ⚠️ℹ️⚠️
For advertising plans contact @SirMalware ⚠️ℹ️⚠️
CVE Notify pinned «⚠️ℹ️⚠️ Hi everybody! To continue providing posts and keeping this channel alive, we accept advertising on the channel. For advertising plans contact @SirMalware ⚠️ℹ️⚠️»
🚨 CVE-2021-45659
Certain NETGEAR devices are affected by server-side injection. This affects RBK40 before 2.5.1.16, RBR40 before 2.5.1.16, RBS40 before 2.5.1.16, RBK20 before 2.5.1.16, RBR20 before 2.5.1.16, RBS20 before 2.5.1.16, RBK50 before 2.5.1.16, RBR50 before 2.5.1.16, RBS50 before 2.5.1.16, and RBS50Y before 2.6.1.40.
🎖@cveNotify
Certain NETGEAR devices are affected by server-side injection. This affects RBK40 before 2.5.1.16, RBR40 before 2.5.1.16, RBS40 before 2.5.1.16, RBK20 before 2.5.1.16, RBR20 before 2.5.1.16, RBS20 before 2.5.1.16, RBK50 before 2.5.1.16, RBR50 before 2.5.1.16, RBS50 before 2.5.1.16, and RBS50Y before 2.6.1.40.
🎖@cveNotify
Netgear
Security Advisory for Server Side Injection on Some WiFi Systems, PSV-2019-0126 | Answer | NETGEAR Support
Associated CVE IDs: None First published: 2021-09-25 NETGEAR has released fixes for a server side injection security vulnerability on the following product models: RBK40, running firmware versions prior to 2.5.1.16 RBR40, running firmware versions prior to…
🚨 CVE-2021-45658
Certain NETGEAR devices are affected by server-side injection. This affects D7800 before 1.0.1.58, DM200 before 1.0.0.66, EX2700 before 1.0.1.56, EX6150v2 before 1.0.1.86, EX6100v2 before 1.0.1.86, EX6200v2 before 1.0.1.78, EX6250 before 1.0.0.110, EX6410 before 1.0.0.110, EX6420 before 1.0.0.110, EX6400v2 before 1.0.0.110, EX7300 before 1.0.2.144, EX6400 before 1.0.2.144, EX7320 before 1.0.0.110, EX7300v2 before 1.0.0.110, R7500v2 before 1.0.3.48, R7800 before 1.0.2.68, R8900 before 1.0.5.2, R9000 before 1.0.5.2, RAX120 before 1.0.1.90, RBK40 before 2.5.1.16, RBK20 before 2.5.1.16, RBR20 before 2.5.1.16, RBS20 before 2.5.1.16, RBK50 before 2.5.1.16, RBR50 before 2.5.1.16, RBS50 before 2.5.1.16, RBS50Y before 2.6.1.40, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.80, WNR2000v5 before 1.0.0.72, XR500 before 2.3.2.56, and XR700 before 1.0.1.20.
🎖@cveNotify
Certain NETGEAR devices are affected by server-side injection. This affects D7800 before 1.0.1.58, DM200 before 1.0.0.66, EX2700 before 1.0.1.56, EX6150v2 before 1.0.1.86, EX6100v2 before 1.0.1.86, EX6200v2 before 1.0.1.78, EX6250 before 1.0.0.110, EX6410 before 1.0.0.110, EX6420 before 1.0.0.110, EX6400v2 before 1.0.0.110, EX7300 before 1.0.2.144, EX6400 before 1.0.2.144, EX7320 before 1.0.0.110, EX7300v2 before 1.0.0.110, R7500v2 before 1.0.3.48, R7800 before 1.0.2.68, R8900 before 1.0.5.2, R9000 before 1.0.5.2, RAX120 before 1.0.1.90, RBK40 before 2.5.1.16, RBK20 before 2.5.1.16, RBR20 before 2.5.1.16, RBS20 before 2.5.1.16, RBK50 before 2.5.1.16, RBR50 before 2.5.1.16, RBS50 before 2.5.1.16, RBS50Y before 2.6.1.40, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.80, WNR2000v5 before 1.0.0.72, XR500 before 2.3.2.56, and XR700 before 1.0.1.20.
🎖@cveNotify
Netgear
Security Advisory for Server Side Injection on Some Routers, Extenders, and WiFi Systems, PSV-2019-0125 | Answer | NETGEAR Support
Associated CVE IDs: None First published: 2021-09-25 NETGEAR has released fixes for a server side injection security vulnerability on the following product models: D7800, running firmware versions prior to 1.0.1.58 DM200, running firmware versions prior to…
🚨 CVE-2021-45657
Certain NETGEAR devices are affected by server-side injection. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, R6020 before 1.0.0.48, R6080 before 1.0.0.48, R6050 before 1.0.1.26, JR6150 before 1.0.1.26, R6120 before 1.0.0.66, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.78, R6800 before 1.2.0.76, R6900v2 before 1.2.0.76, R6700v2 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, AC2400 before 1.2.0.76, AC2600 before 1.2.0.76, RBK40 before 2.5.1.16, RBR40 before 2.5.1.16, RBS40 before 2.5.1.16, RBK20 before 2.5.1.16, RBR20 before 2.5.1.16, RBS20 before 2.5.1.16, RBK50 before 2.5.1.16, RBR50 before 2.5.1.16, RBS50 before 2.5.1.16, RBS50Y before 2.6.1.40, and WNR2020 before 1.1.0.62.
🎖@cveNotify
Certain NETGEAR devices are affected by server-side injection. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, R6020 before 1.0.0.48, R6080 before 1.0.0.48, R6050 before 1.0.1.26, JR6150 before 1.0.1.26, R6120 before 1.0.0.66, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.78, R6800 before 1.2.0.76, R6900v2 before 1.2.0.76, R6700v2 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, AC2400 before 1.2.0.76, AC2600 before 1.2.0.76, RBK40 before 2.5.1.16, RBR40 before 2.5.1.16, RBS40 before 2.5.1.16, RBK20 before 2.5.1.16, RBR20 before 2.5.1.16, RBS20 before 2.5.1.16, RBK50 before 2.5.1.16, RBR50 before 2.5.1.16, RBS50 before 2.5.1.16, RBS50Y before 2.6.1.40, and WNR2020 before 1.1.0.62.
🎖@cveNotify
NETGEAR KB
Security Advisory for Server Side Injection on Some Routers and WiFi Systems, PSV-2019-0141
Associated CVE IDs: None First published: 2021-09-25 NETGEAR has released fixes for a server side injection security vulnerability on the following product models: D6200, running firmware versions prior to 1.1.00.38 D7000, running firmware versions prior…
🚨 CVE-2021-45656
Certain NETGEAR devices are affected by server-side injection. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, R6020 before 1.0.0.48, R6080 before 1.0.0.48, R6050 before 1.0.1.26, JR6150 before 1.0.1.26, R6120 before 1.0.0.66, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.78, R6800 before 1.2.0.76, R6900v2 before 1.2.0.76, R6700v2 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, AC2400 before 1.2.0.76, AC2600 before 1.2.0.76, RBK40 before 2.5.1.16, RBR40 before 2.5.1.16, RBS40 before 2.5.1.16, RBK20 before 2.5.1.16, RBR20 before 2.5.1.16, RBS20 before 2.5.1.16, RBK50 before 2.5.1.16, RBR50 before 2.5.1.16, RBS50 before 2.5.1.16, and RBS50Y before 2.6.1.40.
🎖@cveNotify
Certain NETGEAR devices are affected by server-side injection. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, R6020 before 1.0.0.48, R6080 before 1.0.0.48, R6050 before 1.0.1.26, JR6150 before 1.0.1.26, R6120 before 1.0.0.66, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.78, R6800 before 1.2.0.76, R6900v2 before 1.2.0.76, R6700v2 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, AC2400 before 1.2.0.76, AC2600 before 1.2.0.76, RBK40 before 2.5.1.16, RBR40 before 2.5.1.16, RBS40 before 2.5.1.16, RBK20 before 2.5.1.16, RBR20 before 2.5.1.16, RBS20 before 2.5.1.16, RBK50 before 2.5.1.16, RBR50 before 2.5.1.16, RBS50 before 2.5.1.16, and RBS50Y before 2.6.1.40.
🎖@cveNotify
Netgear
Security Advisory for Server Side Injection on Some Routers and WiFi Systems, PSV-2019-0140 | Answer | NETGEAR Support
Associated CVE IDs: None First published: 2021-09-25 NETGEAR has released fixes for a server side injection security vulnerability on the following product models: D6200, running firmware versions prior to 1.1.00.38 D7000, running firmware versions prior…
🚨 CVE-2021-45655
NETGEAR R6400 devices before 1.0.1.70 are affected by server-side injection.
🎖@cveNotify
NETGEAR R6400 devices before 1.0.1.70 are affected by server-side injection.
🎖@cveNotify
Netgear
Security Advisory for Server Side Injection on R6400, PSV-2019-0178 | Answer | NETGEAR Support
Associated CVE IDs: None First published: 2021-09-25 NETGEAR has released fixes for a server side injection security vulnerability on the following product models: R6400, running firmware versions prior to 1.0.1.70 NETGEAR strongly recommends that you download…
🚨 CVE-2021-45654
NETGEAR XR1000 devices before 1.0.0.58 are affected by disclosure of sensitive information.
🎖@cveNotify
NETGEAR XR1000 devices before 1.0.0.58 are affected by disclosure of sensitive information.
🎖@cveNotify
Netgear
Security Advisory for Sensitive Information Disclosure on XR1000, PSV-2021-0015 | Answer | NETGEAR Support
Associated CVE IDs: None First published: 2021-09-26 NETGEAR has released fixes for a sensitive information disclosure security vulnerability on the following product models: XR1000, running firmware versions prior to 1.0.0.58 NETGEAR strongly recommends…
🚨 CVE-2021-4169
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
🎖@cveNotify
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
🎖@cveNotify
GitHub
Proper escape · LiveHelperChat/livehelperchat@8f6ddad
Live Helper Chat - live support for your website. Featuring web and mobile apps, Voice & Video & ScreenShare. Supports Telegram, Twilio (whatsapp), Facebook messenger including building a bot. - Proper escape · LiveHelperChat/livehelperchat@8f6ddad
⚠️ℹ️⚠️ Hi everybody! To continue providing posts and keeping this channel alive, we accept advertising on the channel.
For advertising plans contact @SirMalware ⚠️ℹ️⚠️
For advertising plans contact @SirMalware ⚠️ℹ️⚠️
CVE Notify pinned «⚠️ℹ️⚠️ Hi everybody! To continue providing posts and keeping this channel alive, we accept advertising on the channel. For advertising plans contact @SirMalware ⚠️ℹ️⚠️»
🚨 CVE-2021-20050
An Improper Access Control Vulnerability in the SMA100 series leads to multiple restricted management APIs being accessible without a user login, potentially exposing configuration meta-data.
🎖@cveNotify
An Improper Access Control Vulnerability in the SMA100 series leads to multiple restricted management APIs being accessible without a user login, potentially exposing configuration meta-data.
🎖@cveNotify
🚨 CVE-2021-45600
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects CBR750 before 4.6.3.6, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
🎖@cveNotify
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects CBR750 before 4.6.3.6, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
🎖@cveNotify
Netgear
Security Advisory for Post-Authentication Command Injection on Some WiFi Systems, PSV-2020-0555 | Answer | NETGEAR Support
Associated CVE IDs: None First published: 2021-09-26 NETGEAR has released fixes for a post-authentication command injection security vulnerability on the following product models: CBR750, running firmware versions prior to 4.6.3.6 RBK852, running firmware…
🚨 CVE-2021-45625
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects XR300 before 1.0.3.68, R7000P before 1.3.3.140, and R6900P before 1.3.3.140.
🎖@cveNotify
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects XR300 before 1.0.3.68, R7000P before 1.3.3.140, and R6900P before 1.3.3.140.
🎖@cveNotify
Netgear
Security Advisory for Pre-Authentication Command Injection on Some Routers, PSV-2020-0371 | Answer | NETGEAR Support
Associated CVE IDs: None First published: 2021-12-21 NETGEAR has released fixes for a pre-authentication command injection security vulnerability on the following product models: XR300, running firmware versions prior to 1.0.3.68 R7000P, running firmware…
🚨 CVE-2021-45627
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
🎖@cveNotify
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
🎖@cveNotify
NETGEAR KB
Security Advisory for Pre-Authentication Command Injection on Some WiFi Systems, PSV-2020-0471
Associated CVE IDs: None First published: 2021-09-26 NETGEAR has released fixes for a pre-authentication command injection security vulnerability on the following product models: CBR750, running firmware versions prior to 4.6.3.6 RBK852, running firmware…
🚨 CVE-2021-45497
NETGEAR D7000 devices before 1.0.1.82 are affected by authentication bypass.
🎖@cveNotify
NETGEAR D7000 devices before 1.0.1.82 are affected by authentication bypass.
🎖@cveNotify
Netgear
Security Advisory for Authentication Bypass on D7000, PSV-2021-0155 | Answer | NETGEAR Support
Associated CVE IDs: None First published: 2021-12-22 NETGEAR has released fixes for an authentication bypass security vulnerability on the following product models: D7000, running firmware versions prior to 1.0.1.82 NETGEAR strongly recommends that you download…
🚨 CVE-2021-45496
NETGEAR D7000 devices before 1.0.1.82 are affected by authentication bypass.
🎖@cveNotify
NETGEAR D7000 devices before 1.0.1.82 are affected by authentication bypass.
🎖@cveNotify
NETGEAR KB
Security Advisory for Authentication Bypass on D7000, PSV-2021-0060
Associated CVE IDs: None First published: 2021-12-22 NETGEAR has released fixes for an authentication bypass security vulnerability on the following product models: D7000, running firmware versions prior to 1.0.1.82 NETGEAR strongly recommends that you download…