Netgear Rax30

33 CVEs affecting Netgear Rax30. Latest disclosed: 2026-06-09. Critical: 4, High: 23.

Top CVEs affecting Netgear Rax30
CVESeverityScorePublishedSummary
CVE-2025-44658Critical9.82025-07-21In Netgear RAX30 V1.0.10.94, a PHP-FPM misconfiguration vulnerability is caused by not following the specification to only limit FPM to .php extensions. An att…
CVE-2023-1327Critical9.82023-03-14Netgear RAX30 (AX2400), prior to version 1.0.6.74, was affected by an authentication bypass vulnerability, allowing an unauthenticated attacker to gain adminis…
CVE-2023-27853Critical9.82023-03-10NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a format string vulnerability in a SOAP service that could allow an attacker to execute arbitrary c…
CVE-2023-27852Critical9.82023-03-10NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a buffer overflow vulnerability in various CGI mechanisms that could allow an attacker to execute a…
CVE-2026-9211High8.82026-06-09An unauthenticated user on the local network can gain control of the router and make unauthorized changes to its operation.
CVE-2023-51635High8.82024-11-22NETGEAR RAX30 fing_dil Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitra…
CVE-2023-40480High8.82024-05-03NETGEAR RAX30 DHCP Server Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code…
CVE-2023-40479High8.82024-05-03NETGEAR RAX30 UPnP Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on aff…
CVE-2023-35722High8.82024-05-03NETGEAR RAX30 UPnP Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on aff…
CVE-2023-34285High8.82024-05-03NETGEAR RAX30 cmsCli_authenticate Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to exec…
CVE-2023-27369High8.82024-05-03NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute ar…
CVE-2023-27368High8.82024-05-03NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arb…
CVE-2023-27360High8.82024-05-03NETGEAR RAX30 lighttpd Misconfiguration Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on…
CVE-2023-27358High8.82024-05-03NETGEAR RAX30 SOAP Request SQL Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on…
CVE-2023-28337High8.82023-03-15When uploading a firmware image to a Netgear Nighthawk Wifi6 Router (RAX30), a hidden “forceFWUpdate” parameter may be provided to force the upgrade to complet…
CVE-2023-27851High8.82023-03-10NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sharing mechanism that unintentionally allows users with upload permissions to execute arbit…
CVE-2023-1205High8.82023-03-10NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 is vulnerable to cross-site request forgery attacks on all endpoints due to improperly implemented CSRF prot…
CVE-2022-47209High8.82022-12-16A support user exists on the device and appears to be a backdoor for Technical Support staff. The default password for this account is “support” and cannot be…
CVE-2023-27367High8.02024-05-03NETGEAR RAX30 libcms_cli Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code…
CVE-2023-27361High8.02024-05-03NETGEAR RAX30 rex_cgi JSON Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to exe…